My company distributes a Windows Installer for a Server based product. As per best practices it is signed using a certificate. In line avec Microsoft's advice we use a GlobalSign code signing certificate, qui Microsoft claims is recognised par défaut by tous Windows Server versions.
Now, this tous works well sauf si a server has been configured avec Group Policy: Computer Configuration / Administrative Templates / System / Internet Communication Management / Internet Communication settings / Turn off Automatic Root Certificate Update as Enabled.
We found that one of our early beta testers was running avec this configuration resulting in le suivant error pendant installation
A file that is requis cannot be installed parce que le cabinet file [long path to cab file] has an invalid digital signature. This may indicate that le cabinet file is corrupt.
We wrote this off as an oddity, après tous no-one was able to explain why le system was configured like this. Cependant, now that le software is disponible for general use, it appears that a double digit (percentage) of our customers are configured avec this setting et no-one knows why. Many are reluctant to changez le setting.
Nous avons written a KB article for our customers, mais we really ne want le problem to happen at tous as we actually care about le customer experience.
Some things we have noticed tandis que investigating this:
A fresh Windows Server installation does pas show le Globalsign cert in le list of trusted root authorities.
With Windows Server pas connected to le internet, installing our software works fine. At le end of le installation le Globalsign cert is present (not imported by us). In le background Windows appears to install it transparently on premier use.
So, here is mon question again. Why is it so common to disable updating of root certificates? What are le potential side effects of enabling updates again? Je veux to make sure we can provide our customers avec le approprié guidance.
