From: Matthias Kracht on
We have published our own updates using WSUS. The updates were
automatically signed by a certificate, which was created explicitly for the
server. The root certificate is published on the computer as "trusted root".
Now we have digital signature errors on some computers (Windows Vista) like
the following:

2008-02-26 18:13:38:942 1020 cf4 DnldMgr BITS job {92E46536-BB95-468B-8C4A-4129FAF413B3} completed successfully
2008-02-26 18:13:39:021 1020 cf4 Misc Validating signature for C:\Windows\SoftwareDistribution\Download\4c04a18e468da1078fbeccdba67fe55f\15702aee91a845bedac5f000dad241cacef96f77:
2008-02-26 18:13:39:036 1020 cf4 Misc Microsoft signed: No
2008-02-26 18:13:39:036 1020 cf4 Misc Trusted Publisher: No
2008-02-26 18:13:39:036 1020 cf4 Misc WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\Download\4c04a18e468da1078fbeccdba67fe55f\15702aee91a845bedac5f000dad241cacef96f77 are not trusted: Error 0x800b0004
2008-02-26 18:13:39:036 1020 cf4 DnldMgr WARNING: File failed postprocessing, error = 800b0004
2008-02-26 18:13:39:036 1020 cf4 DnldMgr Failed file: URL = 'http://server.local.net/Content/77/15702AEE91A845BEDAC5F000DAD241CACEF96F77.cab', Local path = 'C:\Windows\SoftwareDistribution\Download\4c04a18e468da1078fbeccdba67fe55f\15702aee91a845bedac5f000dad241cacef96f77'
2008-02-26 18:13:39:036 1020 cf4 DnldMgr Error 0x800b0004 occurred while downloading update; notifying dependent calls.

Now the question is: Which kind of error is it? I tried to validate the
signing of the file using "signtool /verify" and it was successful.

From: PA Bear [MS MVP] on
Forwarded to WSUS newsgroup
(microsoft.public.windows.server.update_services) via crosspost as a
convenience to OP.

On the web:
http://www.microsoft.com/communities/newsgroups/list/en-us/default.aspx?dg=microsoft.public.windows.server.update_services

In your newsreader:
news://msnews.microsoft.com/microsoft.public.windows.server.update_services
--
~PA Bear

Matthias Kracht wrote:
> We have published our own updates using WSUS. The updates were
> automatically signed by a certificate, which was created explicitly for the
> server. The root certificate is published on the computer as "trusted
> root".
> Now we have digital signature errors on some computers (Windows Vista) like
> the following:
>
> 2008-02-26 18:13:38:942 1020 cf4 DnldMgr BITS job {92E46536-BB95-468B-8C4A-4129FAF413B3} completed successfully
> 2008-02-26 18:13:39:021 1020 cf4 Misc Validating signature for C:\Windows\SoftwareDistribution\Download\4c04a18e468da1078fbeccdba67fe55f\15702aee91a845bedac5f000dad241cacef96f77:
> 2008-02-26 18:13:39:036 1020 cf4 Misc Microsoft signed: No
> 2008-02-26 18:13:39:036 1020 cf4 Misc Trusted Publisher: No
> 2008-02-26 18:13:39:036 1020 cf4 Misc WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\Download\4c04a18e468da1078fbeccdba67fe55f\15702aee91a845bedac5f000dad241cacef96f77 are not trusted: Error 0x800b0004
> 2008-02-26 18:13:39:036 1020 cf4 DnldMgr WARNING: File failed postprocessing, error = 800b0004
> 2008-02-26 18:13:39:036 1020 cf4 DnldMgr Failed file: URL = 'http://server.local.net/Content/77/15702AEE91A845BEDAC5F000DAD241CACEF96F77.cab', Local path = 'C:\Windows\SoftwareDistribution\Download\4c04a18e468da1078fbeccdba67fe55f\15702aee91a845bedac5f000dad241cacef96f77'
> 2008-02-26 18:13:39:036 1020 cf4 DnldMgr Error 0x800b0004 occurred while downloading update; notifying dependent calls.
>
> Now the question is: Which kind of error is it? I tried to validate the
> signing of the file using "signtool /verify" and it was successful.

From: Harry Johnston [MVP] on
PA Bear [MS MVP] wrote:

> Forwarded to WSUS newsgroup
> (microsoft.public.windows.server.update_services) via crosspost as a
> convenience to OP.

Actually it sounds like a digital certificates issue - I don't know which
newsgroup would be most suitable. One of the Vista groups perhaps?

If it really is specific to the way WSUS verifies certificates, I think the OP
may be on their own; I don't know of anybody else who has tried to do this before.

>> We have published our own updates using WSUS. The updates were
>> automatically signed by a certificate, which was created explicitly for the
>> server. The root certificate is published on the computer as "trusted root".
>> Now we have digital signature errors on some computers (Windows Vista) like
>> the following:

What mechanism did you use to publish the certificate to the client computers?
Have you double-checked that the certificate is present? Have you tried copying
the file to the client and examining the certificate via Windows Explorer?

Harry.
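
As an added example (not code from any poster in this thread), the following Python rejoins the wrapped WindowsUpdate.log lines from the first post and extracts each signature check with its trust flags and the symbolic name of the error; 0x800b0004 is TRUST_E_SUBJECT_NOT_TRUSTED in winerror.h. The function names and the record layout are assumptions made for the example.

```python
import re

# Trust-provider HRESULTs as named in winerror.h.
TRUST_ERRORS = {
    0x800B0004: "TRUST_E_SUBJECT_NOT_TRUSTED",
    0x800B0100: "TRUST_E_NOSIGNATURE",
    0x800B0109: "CERT_E_UNTRUSTEDROOT",
}
ENTRY = re.compile(r"(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d:\d{3})\s+\d+\s+([0-9a-fA-F]+)\s+(\S+)\s+(.*)")

# Log lines from the first post, still wrapped the way the thread shows them.
SAMPLE = r"""2008-02-26 18:13:39:021 1020 cf4 Misc Validating signature for
C:\Windows\SoftwareDistribution\Download\4c04a18e468da1078fbeccdba67fe55f\15702aee91a845bedac5f000dad241cacef96f77:
2008-02-26 18:13:39:036 1020 cf4 Misc Microsoft signed: No
2008-02-26 18:13:39:036 1020 cf4 Misc Trusted Publisher: No
2008-02-26 18:13:39:036 1020 cf4 Misc WARNING: Digital Signatures on file
C:\Windows\SoftwareDistribution\Download\4c04a18e468da1078fbeccdba67fe55f\15702aee91a845bedac5f000dad241cacef96f77 are not trusted: Error 0x800b0004
"""

def entries(text):
    """Yield [time, thread, component, message], rejoining wrapped lines."""
    cur = None
    for line in (l.strip() for l in text.splitlines()):
        m = ENTRY.fullmatch(line)
        if m:
            if cur:
                yield cur
            cur = list(m.groups())
        elif cur and line:
            cur[3] += " " + line  # continuation of the previous entry
    if cur:
        yield cur

def signature_failures(text):
    """Return one record per file whose signature check ended in an error."""
    checks, by_thread = [], {}
    for ts, thread, _comp, msg in entries(text):
        if m := re.fullmatch(r"Validating signature for (.+):", msg):
            rec = {"time": ts, "file": m.group(1), "error": None}
            checks.append(rec)
            by_thread[thread] = rec  # later lines on this thread belong to it
        elif (rec := by_thread.get(thread)) is None:
            continue
        elif m := re.fullmatch(r"(Microsoft signed|Trusted Publisher): (Yes|No)", msg):
            rec[m.group(1)] = m.group(2) == "Yes"
        elif m := re.search(r"are not trusted: Error 0x([0-9a-fA-F]{8})", msg):
            code = int(m.group(1), 16)
            rec["error"] = f"0x{code:08x} {TRUST_ERRORS.get(code, 'unknown')}"
    return [r for r in checks if r["error"]]
```

Calling `signature_failures(SAMPLE)` returns a single record for the downloaded file, with both "Microsoft signed" and "Trusted Publisher" false next to the named error.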