5 Replies Latest reply on May 31, 2013 6:37 AM by sagarmc004

    ERROR: pkgc_validate.c Solidcore signature is not verified

    sagarmc004

      Hi

       

      I am trying to run a MSI package which is self signed. I generated my own keys and I signed this MSI using the keys I generated.

       

      I used makecert from Microsoft to generate the key pair and a codesigning certificate (SPC). Below are the commands I used to create my certificate

       

      Created key pairs using makecert:

      makecert -r -pe -n "CN=MY CA" -ss CA -sr CurrentUser -a sha1 -cy authority -sky signature -sv SoCo.pvk SoCo.cer

       

      Imported the certificate to Root using certutil:

      certutil -user -addstore Root SoCo.cer

       

      Created code-signing (SPC) Certificate:

      makecert -pe -n "CN=SoCo SPC" -a sha1 -cy end -sky signature -ic SoCo.cer -iv SoCo.pvk -sv SoCoSPC.pvk SoCoSPC.cer

       

      Converted the certificate and key into a PFX file:

      pvk2pfx -pvk SoCoSPC.pvk -spc SoCoSPC.cer -pfx SoCoSPC.pfx

       

      Used pfx certificate for signing the MSI:

      signtool sign /v /f SoCoSPC.pfx D:\My.MSI

       

      Extracted the certificate from MSI using SCGetCerts from Solidcore:

      SCGetCerts PathtoMSI Outputpath -O

       

      Added the Certificate to McAfee Solidcore Certificate Store:

      Sadmin cert add my.cer

       

      When I tried to install the MSI, I got an error saying that system Administrator has set policies to prevent this installation. I also noticed the ERROR: pkgc_validate.c Solidcore signature is not verified inside solidcore log file.

       

      What is wrong with my certificate ? or Am I not following a proper procedure for code signing ?

       

      Regards,

      Sagar