Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Sunday, January 15, 2012 1:30 PM
I'm trying to install visual studio sp1 and get the error message File VS10sp1_x86.msi (E:\VS10sp1_x86.msi), failed authentication. (Error = -2146762496). It is recommended that you delete this file and retry setup again.
I'm installing from a DVD.
Why it's failing is because my system doesn't see that it has a digital signature. Right-clicking on the file and seleting Properties shows no digital signature. However, the same file viewed on another system does show that it has a digital signature.
I've ran sfc /scannow and everything is fine.
I've ran checksur, examined the logs, and everything is fine.
I've ran
regsvr32 Softpub.dll
regsvr32 Wintrust.dll
regsvr32 Mssip32.dll
and everything is fine.
The certificates I'd expect to see in certmgr.msc and in IE9 (Tools/Internet Options/Content/Certificates/Trusted Root Certificates) are all there.
I can see the digital signatures on other files.
So - what can be causing this? I'm running Vista Ultimate, SP2.
Cheers
VP
Edited to add: vslogs.cab uploaded to my skydrive. https://skydrive.live.com/redir.aspx?cid=7f381ebfc0b70f44&resid=7F381EBFC0B70F44!129&parid=7F381EBFC0B70F44!107&authkey=!ALhdAwTzlG4r3Vc
All replies (15)
Tuesday, January 17, 2012 6:35 AM
Hi Clanc789,
Welcome to the MSDN forum.
From your logs:
[1/14/2012, 17:25:55]Verifying Digital Signatures: E:\VS10sp1_x86.msi
[1/14/2012, 17:25:55] E:\VS10sp1_x86.msi: Verifying signature for VS10sp1_x86.msi...
[1/14/2012, 17:25:55]Possible transient lock. WinVerifyTrust failed with error: 2148204800
[1/14/2012, 17:25:55]Possible transient lock. WinVerifyTrust failed with error: 2148204800
[1/14/2012, 17:25:55]E:\VS10sp1_x86.msi - Signature verification for file VS10sp1_x86.msi (E:\VS10sp1_x86.msi) failed with error 0x800b0100 (No signature was present in the subject.)
[1/14/2012, 17:25:55] E:\VS10sp1_x86.msi Signature could not be verified for VS10sp1_x86.msi
[1/14/2012, 17:25:55]No FileHash provided. Cannot perform FileHash verification for VS10sp1_x86.msi
[1/14/2012, 17:25:55]File VS10sp1_x86.msi (E:\VS10sp1_x86.msi), failed authentication. (Error = -2146762496). It is recommended that you delete this file and retry setup again.
[1/14/2012, 17:25:55]Failed to verify and authenticate the file -E:\VS10sp1_x86.msi
[1/14/2012, 17:25:55]Please delete the file, E:\VS10sp1_x86.msi and run the package again
We can learn that the installation process tried to verify the digital signatures of file “E:\VS10sp1_x86.msi” as you said, but failed.
First, I recommend you delete this file and try to install Service Pack 1.
Second, the installation file is corrupt, so I recommend you redownload Visual Studio Service Pack 1 from: http://go.microsoft.com/fwlink/?LinkId=210710
Third, extract ISO file to your local hard disk.
Then, please update the Root Certificates: http://www.microsoft.com/download/en/details.aspx?id=28175
Next, clean up the %temp% folder.
Finally, run setup.exe as administrator.
If you encounter any other problem during the installation, please collect the fresh logs again.
If you have any other questions, please feel free to let me know.
Best Regards,
Alexander Sun [MSFT]
MSDN Community Support | Feedback to us
Tuesday, January 17, 2012 10:40 AM
Thanks for the suggestions, Alexander -
I downloaded VS SP1 from the link you gave. MD5SUM of the iso: 610f8bc8d42e804a54e67dc786fa453b *VS2010SP1dvd1.iso
I extracted the ISO my local hard disk.
I updated the Root Certificates using the link you gave.
I cleaned out %temp%
I ran setup.exe as administrator and got the same error.
I ran MD5SUM on the file that apparently doesn't have a digital signature. MD5SUM: 720f3862749009d10bd6c12fdc4c86dd *VS10sp1_x86.msi
I've collected fresh logs, and they are at https://skydrive.live.com/redir.aspx?cid=7f381ebfc0b70f44&resid=7F381EBFC0B70F44!133&parid=7F381EBFC0B70F44!107
So - what's my next step?
Cheers,
Mik, aka The Vampire Parrot
Wednesday, January 18, 2012 6:41 AM
Hi Mik,
Frankly speaking, it is strange. I tried to check the Digital Signatures of VS10sp1_x86.msi on my side, and I was able to find it.
You can also try the suggestions listed here: http://social.msdn.microsoft.com/Forums/en/vssetup/thread/88da4438-9c59-411c-99c4-1df7866f24ff
I hope this helps.
Best Regards,
Alexander Sun [MSFT]
MSDN Community Support | Feedback to us
Wednesday, January 18, 2012 9:44 AM
Andrew,
If I examine VS10sp1_x86.msi on another system then I can see the digital signature. It's only on my main system that I can't see the digital signature! I can see the digital signatures of other files, just not VS10sp1_x86.msi This makes me think that perhaps one of the system dll files is corrupt or missing. I have already checked that the registry key Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State has the value 0x00023c00 So - what should i try next? Is there a way of checking to see if I have missing or corrupt system dll files that are responsible for verifying digital signatures? Cheers... Mik
Edited to add: I installed the sysinternals tool sigcheck. It can find signatures on setup.exe and on pretty much all the files in C:\Windows\System32\drivers. But it can't find a signature on VS10sp1_x86.msi But if I run sigcheck on the same file from another system, it does find the signature. So......?
Thursday, January 19, 2012 8:47 AM
Hi Mik,
Based on your information, I agree with you. It seems like some dlls or registry keys on your main OS are corrupt, so I recommend you try complete format and reinstall the OS. Frankly speaking, sometimes setup issues are more complex than what we can imagine, because of different machines, different OS settings, different software installed and so on. For you situation, although the reinstallation or repair seems like inconvenient and wasting a lot of time, compared with that endless searching and try but no avail, it is a quicker and more direct way to resolve some tough problem in fact. If you have any other questions after the reinstall, please feel free to let me know.
Best Regards,
Alexander Sun [MSFT]
MSDN Community Support | Feedback to us
Tuesday, January 24, 2012 3:41 PM
Hi Alexander,
I'm afraid that a reformat and OS reinstallation isn't an option. In my 30 years as a software engineer/consultant, I've had similar corruption problems on other systems, and always managed to find the solution as the tools and information to diagnose the problem (on Linux and HP-UX) were available.
If I knew which libraries/registry entries were used to verify the digital signature, then I could verify that those libraries/registry entries were correct (md5 is my friend) and fix/replace what was wrong. So - how do I determine which files/dlls/etc. I should examine?
Cheers,
Mik
Thursday, January 26, 2012 1:38 PM
Hi Alexander,
I downloaded the Visual Studio 2010 SP1 ISO today and I have the same problem. The message though is "A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.)"
I checked the certificate and it is valid from 7.12.2009 to 7.03.2011, so you signed the file with an old certificate. Might this be an issue.
Regards,
Maurice
Friday, January 27, 2012 8:59 AM
Hi Mik,
Please try these:
· Right click the VS10sp1_x86.msi file.
· Switch to the Digital Signatures tab.
· Click “Details”.
· Click “View Certificate”.
· Click “Install Certificate…”.
· Click “Next”.
· Select “Place all certificates in the following store”.
· Click “Browse…”.
· Select “Trusted Root Certification Authorities” and click “OK”.
· Click “Next”.
Then try to install Visual Studio 2010 Service Pack 1 again.
I hope this helps.
Best Regards,
Alexander Sun [MSFT]
MSDN Community Support | Feedback to us
Friday, January 27, 2012 4:07 PM
Hi Alexander,
The file VS10sp1_x86.msi does not appear to have a digital signature when I right-click it on the machine which I'm having problems with. However, the same file, when right-clicked from a different machine, does have a digital signature. I know it's exactly the same file because I shared it from the host machine.
Other files in the same directory, e.g. setup.exe do have digital signatures, although their digital signature has a timestamp of "20 February 2011 19:43:01" whereas the VS10sp1_x86.msi file's digital signature has a timestamp of " 22 February 2011 12:56:23"
Now what is interesting is that the timestamp on the file I'm having problems with, VS10sp1_x86.msi, has some extra spaces in it. i.e. there is a space before the initial 22, there is an additional space after the 22, there is an additional space between February and 2011. So, is there a problem parsing the digital signature's date?
Cheers,
Mik
Monday, January 30, 2012 9:43 AM
Hi Mik,
I guess the installation files you downloaded are corrupt. Please take a look at this page: http://blogs.msdn.com/b/heaths/archive/2011/03/25/verify-the-iso-checksum-for-visual-studio-2010-service-pack-1-before-installing.aspx
Please use the File Checksum Integrity Verifier to check the ISO file you download.
I hope this helps.
Best Regards,
Alexander Sun [MSFT]
MSDN Community Support | Feedback to us
Monday, January 30, 2012 3:08 PM
Hi Alexander,
The installation files are fine. The checksums match.
Cheers,
Mik
Wednesday, February 1, 2012 2:27 AM
hi Mik,
Please check the registry value under, which should be 23c00
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State.
Besides, I think the current issue requires a more in-depth level of support. Please visit the below link to see the various paid support options that are available to better meet your needs.
http://support.microsoft.com/default.aspx?id=fh;en-us;offerprophone
Tracy YU[MSFT] MSDN Community Support | Feedback to us Get or Request Code Sample from Microsoft Please remember to mark the replies as answers if they help and unmark them if they provide no help.
Thursday, February 2, 2012 5:01 PM
Hi -
The registry value is correct... I've also checked VS10sp1_x86.msi with signtool. When I run signtool on it on my work laptop, it has a digital signature. When I run signtool on it on the problem system, it doesn't have a digital signature (at least according to signtool.). It's the same file - it has the same checksum on both my work laptop and on the problem system.
Cheers,
Mik
Thursday, February 16, 2012 5:31 PM
It looks like the problem I'm having is a known problem that still hasn't been fixed.
has the details.
Mik
Friday, February 17, 2012 5:23 PM
I turned CAPI2 logging on in the event viewer, and running signtool verify /pa VS10sp1_x86.msi gives the error "Unknown trust provider" and produced the following CAPI2 log events:
| - | System |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| - | UserData |
|
Again, running signtool verify /pa VS10sp1_x86.msi on another system verifies that the signature is correct.
I get exactly the same problem trying to install the .NET4 security update KB2633870 on the file NDP40-KB2633870.msp the other files in the .NET4 security update do have valid signatures. Again when I copy the NDP40-KB2633870.msp file to another system, its signature verifies. And like the file VS10sp1_x86.msi the signature's date has spaces in it. It seems to me that there is a problem with winverifytrust() parsing the digital signature date on files when the date contains spaces. Asking around at work (I work for a major computer company) this is a known problem with some systems.
Mik