Issue:
Customers may encounter the following error: “The signature of this program is corrupt or invalid” when installing the SES version 7.1SR2a (and previous versions) executable file.
Symptoms:
Customers may be led to believe that the installer executable is corrupted or contains malware. This is not the case.
Main Cause:
The VeriSign Certificate that is used to certify the SES Installer is legitimately from WinMagic, but had expired on March 18, 2016, shortly after the SES 7.1SR2a installer was created. The digital code signing determines that the certificate was valid within a period that the binary file (s) was/were created and it continues to be valid (though expired) even after the date of expiration.
Even if the certificate is expired, the pair of certificate + binary stays intact and confirms it as legitimate binary.
Product version affected:
SES 7.1SR2a (and previous versions)
Environment (OS/hardware/software):
Windows OS Servers
Please refer to the system requirements for SecureDoc Enterprise Server
http://www.winmagic.com/support/technical-specifications
Resolution:
Since the actual installer for SES 7.1SR2a (and previous versions) was actually BUILT within the "live" period of this certificate, those builds continue to be legitimately signed, even though the digital certificate has since expired.
Please ignore the error message and proceed with the installation.
A new VeriSign certificate (a trusted signing authority) has already been applied to all current and future builds.
Reference:
SES-454