In accordance with Microsoft best practices, each Lanamark Explorer is digitally signed using a certificate issued by a certificate authority that is trusted in all versions of Microsoft Windows. This is done to prevent tampering and to prove that the data collector was produced by Lanamark.

If the machine where the Lanamark Explorer is being deployed does not have outbound Internet connectivity, standard certificates are removed or automatic certificate updates are disabled, you are likely to see the following error:

A file that is required cannot be installed because the cabinet file (path to neutral.cab) has an invalid digital signature. This may indicate that the cabinet file is corrupt.

Enable Internet connectivity

If the machine where the Lanamark Explorer is being deployed does not have outbound Internet connectivity, enable it and retry installing the Lanamark Explorer. This may be sufficient to resolve the issue and is necessary for Lanamark Explorer installation and data synchronization.

Allow root certificates to be updated

In certain Microsoft Windows deployments, standard certificates are removed or automatic root certificate updates are disabled. The quickest way to remedy these issues is to allow root certificates to be automatically updated:

1. Ensure that Group Policy at Computer Configuration / Administrative Templates / System / Internet Communication Management / Internet Communication settings / Turn off Automatic Root Certificate Update is Disabled
2. Use gpedit.msc to edit the Group Policy and refresh it by running gpupdate.exe/force
3. Install the Lanamark Explorer
4. Revert the Group Policy back using gpedit.msc and refresh it by running gpupdate.exe/force

Identify missing or invalid certificates

Follow these steps to determine which certificate is missing or invalid:

1. Right-click on Lanamark.Explorer.Setup.exe and select Properties
2. Click on the Digital Signatures tab

3. Select Lanamark Inc. signature and click Details.
4. Check the status of the digital signature under Digital Signature Information. 

5. If the digital signature cannot be verified, then the Thawte certificates are most likely missing on the machine.
6. Click View Certificate and go to the Certification Path.
7. Check the status of each certificate in the Certification path.

Manually install missing certificates

Missing Thawte certificates can be installed as follows:

1. Download Thawte Primary Root CA certificate and Thawte Code Signing SHA-2 (under SHA1-Root) Intermediate CA certificate.
2. Click View Certificate on each certificate and then Install Certificate.

Did this answer your question?