IE 6 won't accept signed ActiveX control

  • Thread starter Thread starter Bryan Johnson
  • Start date Start date
B

Bryan Johnson

My company ships a signed ActiveX control. On some machines running Windows
2k3 and IE 6, when the ActiveX control is downloaded, an error dialog appears
titled "Security Alert - Driver Installation", with the message "The driver
software you are installing has not been properly signed...".

This seems odd because the .CAB file does not contain drivers, so it would
seem that IE is somehow using the wrong signature verification method. I have
verified via "signtool verify /pa /v" that the .CAB file is correctly signed
with a valid certificate. So why doesn't IE agree?

Any thoughts or pointers appreciated.
 
If you must make identical posts to multiple newsgroups, please cross-post
one (1) message to all of them. Thank you.

Multiposting vs Crossposting:
http://www.blakjak.demon.co.uk/mul_crss.htm
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

Bryan Johnson wrote:
> My company ships a signed ActiveX control. On some machines running
> Windows
> 2k3 and IE 6, when the ActiveX control is downloaded, an error dialog
> appears titled "Security Alert - Driver Installation", with the message
> "The driver software you are installing has not been properly signed...".
>
> This seems odd because the .CAB file does not contain drivers, so it would
> seem that IE is somehow using the wrong signature verification method. I
> have verified via "signtool verify /pa /v" that the .CAB file is correctly
> signed with a valid certificate. So why doesn't IE agree?
>
> Any thoughts or pointers appreciated.
 
Please check if those "problematic" machines have the same set of Trusted
Root CA. Chances are your root is not trusted on them. May be they need Root
Cert Update or something.


Bryan Johnson felt like saying:

> My company ships a signed ActiveX control. On some machines running Windows
> 2k3 and IE 6, when the ActiveX control is downloaded, an error dialog appears
> titled "Security Alert - Driver Installation", with the message "The driver
> software you are installing has not been properly signed...".
>
> This seems odd because the .CAB file does not contain drivers, so it would
> seem that IE is somehow using the wrong signature verification method. I have
> verified via "signtool verify /pa /v" that the .CAB file is correctly signed
> with a valid certificate. So why doesn't IE agree?
>
> Any thoughts or pointers appreciated.
 
Back
Top