This project has moved and is read-only. For the latest updates, please go here.

[Solved] certificate not recognized.

Topics: Configuration Issue, Publishing Issue
Sep 22, 2014 at 7:51 AM
It 's almost a year I use this fantastic tool, never had any problems until now.

But a few days the updates of adobe, oracle etc etc are no longer issued.

On the client and on the server I get the same error:
code 80B0109

I checked every step of the guide and nothing has changed since I started using WPP.

The certificate in use is not expired.

What could have happened?
Sep 22, 2014 at 12:44 PM
Hi, this error code mean :
A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider
Are you using a self-signed certificate or do you have issued this certificate from your own certifidate authority ?
Sep 22, 2014 at 3:02 PM
I've always used the certificate generated by the console WPP
Sep 22, 2014 at 9:58 PM
Verify that :
  • The certificate is still present in the "Trusted root certification authorities" and "Trusted Publishers" (local computer stores)
  • The certificate is not present in the "not authorized certificates" store.
  • The certificate has not been revocated.
Try to open the self-signed certificate and see if Windows trust it.
Sep 23, 2014 at 9:15 AM
First of all thanks for the help.

I have checked several times the configuration and the certificate but have not found anything different, perhaps more eyes can help me.

Yesterday I created a new CERTIFICATE from the console of WPP and I followed the procedure step by step, but not yet resolved.

Here are the pictures of my setup is that the certified local GPO on the server:

Image
Image
Image
Image
Sep 23, 2014 at 11:33 AM
Could it be that the GPO settings for 3rd party software has changed?
The certificates must have all the same code.
Sep 23, 2014 at 12:42 PM
the serial number and the code signing is the same on all PCs.

For now rule out a problem with GPO because I have the same error on the server wsus (on himself) and also on the test pc in workgroup where I manually applied to the certificates and the key:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ WindowsUpdate \ AcceptTrustedPublisherCerts = 1

help do not know what to do!

Yet until August I'm sure that worked very well.
Sep 30, 2014 at 7:20 PM
Yesterday I created a new CERTIFICATE from the console of WPP and I followed the procedure step by step, but not yet resolved.
If you want to use a new certificate, you have to re-sign all published updates.
Oct 1, 2014 at 11:03 AM
when I run the Resign of the file I have an error message "Resign failde with error: Failed to sign package;error was 2148081670", I guess the only solution is to recreate all the packages, right?
Oct 1, 2014 at 11:55 AM
marioalpha wrote:
when I run the Resign of the file I have an error message "Resign failde with error: Failed to sign package;error was 2148081670", I guess the only solution is to recreate all the packages, right?
There are a couple of possible solutions:

http://social.technet.microsoft.com/forums/systemcenter/en-US/6db2d77b-7c2b-4402-bb35-e303e0dde637/failed-to-sign-package-error-was-2148081670
https://wsuspackagepublisher.codeplex.com/discussions/470461
http://knowledgebase.solarwinds.com/kb/questions/5140/Failed+to+sign+package+with+error+2148081670
Oct 1, 2014 at 3:53 PM
thanks to you all,

solved in this way:
eliminated the certificates on the local server and the client via GPO;
regenerated new certificate;
applied locally on the server and on the client via GPO;
Risigned packages.

Now it's back to work !!
Marked as answer by DCourtel on 10/18/2014 at 1:05 AM