Context
When updating the servers in a domain, when an attempt is made to add a package before propagating it, the update fails.
The message ‘This update package is not secure’ is displayed.
Cause
This behaviour occurs in particular when the update package contains an invalid update.cat file. To check the validity of the certificate :
-
open the downloaded and unzipped installation package;
-
open the Security Catalog by clicking on the update.cat file:
-
in the Security catalog interface, check the information relating to the security catalogue :
-
in the Security catalog interface, click on View signature, then View Certificate to find out the name of the certificate:
-
Run the certificate manager to check that the expected certificate does not appear in the list:
Resolution
If the certificate is not on the list, a valid DigiCert certificate must be installed on the server.
-
go to the Microsoft CCADB site (https://ccadb.my.salesforce-sites.com/microsoft/IncludedCACertificateReportForMSFT)
-
download the DigiCert Assured ID Root CA certificate from Nov. 20263E9099B5015E8F486C00BCEA9D111EE721FABA355A89BCF1DF69561E3DC6325C
-
once you have downloaded the certificate, install it:
-
Check the box Place all certificates in the following folder;
-
Save it in the Trusted Root Certification Authorities folder:
-
Complete the installation by clicking on the Finish button:
-
Once the certificate has been installed, restart the Watchdoc update via WSC.