Hello-

When I build a project with IS2013 I am getting a fatal error 7210:
ISDEV : fatal error -7210: Failed to verify digital signature of C:\Program Files (x86)\InstallShield\2013 SP1 SAB\System\ISWIBuild.dll

I looked at the digital signature on the dll and it could not be verified by windows. The certification path includes a Verisign Class 3 Public Primary Certification Authority - G5 which I have explicitly disabled on my build system for code signing. The reason for this is that I have to support disconnected clients running very old versions of windows XP and in some case Win2k. The new Verisign key is not present on the old systems. This causes WinTrustVerify errors when users attempt to install a product signed with this key.

Does anyone know if there is any workaround for this that will allow me to keep this G5 cert disabled? Further, does anyone know what certs were available in IE 8.0? I can't seem to find the list.
I am assuming that it was included in IE 8.0 since the cert in question was generated in 2006 and IE8.0 was released in 2009. This is only an assumption. I would like some documentation to back up my theory before I propose anything to my managers about changing our entire product line's system requirements. In case you are wondering, I mention IE8 specifically since IE at least used to be the delivery method for these CA Updates.

As a secondary workaround I could use the XP hotfix to update the CA's but there is no similar one for Win2k...

Regards