Hi all, have the following exception when trying to execute a BPA test:
System.Exception: BPA doesn't have a valid signature
at Skyline.DataMiner.Net.BPA.BpaManager.RunTest(IConnectionInfo clientInfo, Bpa bpa, BpaExecuteConfig executeConfig, ExternalBpaProcess extProcess)
What does it mean and how can I resolve this?
Hi Stijn,
The log file SLBPAManager will usually contain events related to BPA.
You will see something like this at the start of this file :
2024/12/04 01:09:19.090|SLNet.exe|RefreshAcceptedCertificates|CRU|0|119|Force loaded certificate: SkylineCodeSigning.cer (Skyline Certificate). WARNING! Machine might not have latest Windows Updates.
2024/12/04 01:10:49.175|SLNet.exe|RefreshAcceptedCertificates|CRU|0|119|Force loaded certificate: SkylineCodeSigning2021.cer (Skyline Certificate). WARNING! Machine might not have latest Windows Updates.
2024/12/04 01:11:19.297|SLNet.exe|RefreshAcceptedCertificates|ERR|0|119|Ignoring certificate SkylineCodeSigning2024-DigiCert.cer: Certificate is not trusted by the machine
This indicates the issue here.
This summer our old code signing certificate expired and was renewed for the 2024- 2027 period.
This machine isn't on the latest Windows updates and thus the certificates aren't recognized yet.
The workaround in this scenario would be to update the Windows machine so that it has the latest recognized root certificates from the public authorities (digicert).
Hi Stijn,
That error probably means the BPA assembly was not signed.
The (internal) procedure to get a BPA signed can be found here.
I've got the same error on some of SLC own BPA's
(for instance https://docs.dataminer.services/user-guide/Advanced_Functionality/DataMiner_Systems/BPA_tests/BPA_Check_Agent_Presence.html)
(version 10.4.10)
I was able to get this fixed on a DataMiner agent without upgrading the server. I installed the following certificates manually in the Trusted Root Certification Authorities folder:
digicert-trusted-g4-code-signing-rsa4096-sha384-2021-ca1.cer
SectigoPublicCodeSigningCAR36.crt
SectigoPublicCodeSigningRootR46.crt
SkylineCodeSigning2024.cer
SkylineCodeSigning2024-DigiCert.cer
The first 3 you can find online, the other two under the folder "C:\Skyline DataMiner\BPA\Certificates\"
A few day ago we have updated to 10.5. and since then we had the same issue.
SLBPAManager.txt:
2025/03/26 11:06:44.849|SLNet.exe|RefreshAcceptedCertificates|CRU|0|97|Force loaded certificate: SkylineCodeSigning.cer (Skyline Certificate). WARNING! Machine might not have latest Windows Updates.
2025/03/26 11:07:29.889|SLNet.exe|RefreshAcceptedCertificates|CRU|0|97|Force loaded certificate: SkylineCodeSigning2021.cer (Skyline Certificate). WARNING! Machine might not have latest Windows Updates.
2025/03/26 11:08:14.922|SLNet.exe|RefreshAcceptedCertificates|ERR|0|97|Ignoring certificate SkylineCodeSigning2024-DigiCert.cer: Certificate is not trusted by the machine
2025/03/26 11:08:29.941|SLNet.exe|RefreshAcceptedCertificates|ERR|0|97|Ignoring certificate SkylineCodeSigning2024.cer: Certificate is not trusted by the machine
Our Dataminer Windows Server is i an Firewall protected Environment and only gets updates if theses are rolled out globally within the company. I can not do updates by myself. Is there another workaround for trusiting or importing these certificates?