I've just upgraded a system to 10.5.4 and getting this error when trying to run BPA tests.
Another question has been raised about it https://community.dataminer.services/question/exception-bpa-doesnt-have-a-valid-signature/ but no particular answer why the BPAs won't run compared to 10.4.5 apart from the intermediate and root certs are needed.
Do all BPAs need to be signed in the newer versions of DataMiner, as where they didn't before?
Our offline systems have the root certs but not the intermediate certs: -
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
Sectigo Public Code Signing Root R46
Sectigo Public Code Signing CA R36
I can see the certificates against the digital signature for the BPA dlls have the entire certificate path in them.
Can at least the intermediate certificates be included in the SkylineCodeSigning2024 & SkylineCodeSigning2024-DigiCert certs to prevent this issue where servers don't have internet access?
Hi Seppe,
I haven't tried all of them, but 4 odd I have tried all fail.
Can you please share the SLBPAManager.txt logging?
For this to work in systems isolated from the internet I wrote a powershell script to deploy 'DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1.cer' and 'Sectigo Public Code Signing CA R36.cer' into the machine 'Intermediate Certification Authorities' store on all the DMA's.
Even with the latest root certificates deployed via Windows updates, the intermediate certificates aren't installed, and are only available for validation if the DMA's have internet access to get the missing certs from the certificate authorities.
Hi Philip, do all the BPA test fail or only a few?