Installer claims that a cabinet file has an invalid digital signature

Owned by René Pape
Last updated: 16 Sept 2020 by Anders Kastberg
2 min read


During installation, a message like this may appear:

This is most often caused be the server or workstation not being fully updated through an internet connection as Microsoft with one of their security updates has invalidated some older root certificates, and the error is more likely to be seen on Windows 7 or Windows Server 2008 machines.

The DVI installation package is referring to the new and valid root certificates, and if your server hasn't been updated to accept these, you will get the above error.

You may test if it is the cause by looking at the properties of the installer exe file (in this example DVI5setup5.1.1.5.exe):

Click the tab "Digital Signatures":

Select the 'sha256' line and click "Details":

In this case it says "This digital signature is OK." right below the headline, indicating that your server certificates are updated to a proper level.

In order to get more detail, you could click "View Certificate":

Click the "Certification Path" tab:

This will show you that the KMD DVI Aps certificate is depending on 'COMODO RSA Extended Validation Code Signing CA', which is again depending on 'Sectigo Universal Root Certification Authority'.

If your certification path is not OK, you must supply the missing root certificate(s).

You can download the required certificate here 

Installation ot the certificates is typically done by just double-cliking the relevant .cer file(s), but it all depend on your operating system.