WinVerifyTrust uses Windows Driver Verification Policy when run as part of MSI custom action

975 views Asked by At

I have some (c++ win32 api) code that verifies signature of the files. The same code executed in ActiveX and in custom action of the MSI.

When it run as part of ActiveX the check succeed, but when it is executed as part of custom action of MSI the verification fails.

I have used signtool.exe and checked the files. So without /pa flag the verification fails. I assume, for some reason, when executed in ActiveX the Default Authentication Verification Policy and when executed in custom action of MSI - it uses Windows Driver Verification Policy.

Any ideas how to make it work for MSI ?

Thanks Zaky

1

There are 1 answers

3
Zaky On

The issue was resolved when I have added certificate at MACHINE level to publishing services.