Couldn’t verify ‘C:\WINDOWS\ccmsetup\ccmsetup.cab’ authenticode signature. Return code 0x800b0109 in CCMSetup.log
We had some client’s having install issues this week, they were getting ‘Couldn’t verify authenticode signature’ entry in their ccmsetup.log:
The cause of this is the trusted root certificate used to sign the ccmsetup.cab is not in the Trusted Enterprise Root’s store on the workstation.
Grab the certificate
There are a couple of ways to fix this, but the way I chose is simple. Go find the file, right-click it and select Properties.
Next, we go to the Digital Signatures tab.
Select the certificate and click the Details button.
From there, click on View Certificate.
Click on the Certificate Path tab and select the root certificate.
Click the View Certificate Button.
Click the Details tab.
Click the Copy to a file button.
Click next two times.
Provide a file name (and remember it)
Click the finish button and we’re ready to install the cert.
Import the certificate
From the machine having the error, find the file you exported, right-click it and select Install Certificate. This will open the Install certificate Wizard.
Select the Place all certificates in the following store, then brows and select the Trusted Root Certificate Authorities. Click Next.
Click Finish on the Completing the Certificate import Wizard page.
That’s it! Now either restart the CCMSetup service if it’s there, or reinstall the client.