5 Replies Latest reply on May 31, 2013 6:37 AM by sagarmc004

    ERROR: pkgc_validate.c Solidcore signature is not verified




      I am trying to run a MSI package which is self signed. I generated my own keys and I signed this MSI using the keys I generated.


      I used makecert from Microsoft to generate the key pair and a codesigning certificate (SPC). Below are the commands I used to create my certificate


      Created key pairs using makecert:

      makecert -r -pe -n "CN=MY CA" -ss CA -sr CurrentUser -a sha1 -cy authority -sky signature -sv SoCo.pvk SoCo.cer


      Imported the certificate to Root using certutil:

      certutil -user -addstore Root SoCo.cer


      Created code-signing (SPC) Certificate:

      makecert -pe -n "CN=SoCo SPC" -a sha1 -cy end -sky signature -ic SoCo.cer -iv SoCo.pvk -sv SoCoSPC.pvk SoCoSPC.cer


      Converted the certificate and key into a PFX file:

      pvk2pfx -pvk SoCoSPC.pvk -spc SoCoSPC.cer -pfx SoCoSPC.pfx


      Used pfx certificate for signing the MSI:

      signtool sign /v /f SoCoSPC.pfx D:\My.MSI


      Extracted the certificate from MSI using SCGetCerts from Solidcore:

      SCGetCerts PathtoMSI Outputpath -O


      Added the Certificate to McAfee Solidcore Certificate Store:

      Sadmin cert add my.cer


      When I tried to install the MSI, I got an error saying that system Administrator has set policies to prevent this installation. I also noticed the ERROR: pkgc_validate.c Solidcore signature is not verified inside solidcore log file.


      What is wrong with my certificate ? or Am I not following a proper procedure for code signing ?