cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ISEXP: fatal error -7219: Failed to verify digital signature Error -2147467259:

ISEXP: fatal error -7219: Failed to verify digital signature Error -2147467259:

Summary

ISEXP: fatal error -7219: Failed to verify digital signature of <> Error -2147467259: Automation error

Symptoms

This build error usually occurs due to expired, corrupt or missing root certificates on your machine.

ISDEV: fatal error -7210: Failed to verify digital signature

ISDEV : fatal error -7219: Failed to verify digital signature of C:\Program Files\InstallShield\VERSION\System\IsUiServices.dll

Cause

The Build Machine Does Not Have Latest currently used root Certificates

This is related to the operating system and is generally seen if building on an offline machine or a machine missing the latest root certificate update.

Resolution

Ensure your Windows Trusted root certificates are up to date:
https://support.microsoft.com/en-gb/kb/293781

If your certificate has expired or become corrupted, verify if this is the case by right clicking on C:\Program Files (x86)\InstallShield\VERSION\System\ISUIServices.dll to view the properties - if there is a Warning triangle this needs to be updated replaced.

The current certificate is VeriSign Class 3 Public Primary Certification Authority -G5

The certificate is no longer publicly downloadable from VeriSign Website, this particular site no longer exists, since they were aquired by Symantec.



Workaround

In order to obtain an updated certificate for this

Goto https://www.websecurity.digicert.com/theme/roots


Locate Root 3

Name: VeriSign Class 3 Public PCA - Generation 5 (G5)
Serial Number: 18 da d1 9e 26 7d e8 bb 4a 21 58 cd cc 6b 3b 4a
Operational Period: Tue, November 08, 2006 to Wed, July 16, 2036
Certificate SHA1 Fingerprint: 4e b6 d5 78 49 9b 1c cf 5f 58 1e ad 56 be 3d 9b 67 44 a5 e5

Change the extension to cer, double click on the file to open the certificate, and click the install button. You should install this certificate to the Trusted Root Certificate Authorities Store.


Symantec SHA256 TimeStamping Signer Certificate - G1

Download and install the certificate at the below link:
https://symantec.tbs-certificats.com/vsign-universal-root.cer

Double click on the file to open the certificate and click the install button. You should install this certificate to the Trusted Root Certificate Authorities Store.

Additional Information

Symantec - Licensing and Use of Root Certificates
https://www.symantec.com/page.jsp?id=roots

See also: Windows 8 and Windows Server 2012: How to Open the Certificates Console
http://social.technet.microsoft.com/wiki/contents/articles/11497.how-to-open-the-certificates-console-in-windows-8-and-windows-server-2012.aspx

Related KB Articles

Error -7210</>

Labels (1)
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Nov 08, 2019 08:55 AM
Updated by:
Contributors