Scenario 1: Return code 800B010A
If the error code is 800B010A, this is due to a missing or untrusted root certificate. Currently, all Pulse Secure components are signed by a VeriSign code signing certificate. Please ensure the following certificate is installed on the problematic machine in the Trusted Root Certificate Authorities store.
VeriSign Class 3 Public Primary Certification Authority - G5
OR
Symantec hosted Certificate download
To verify or install the certificate, perform the following steps:
- Click Start > Run.
- Enter mmc
.
- From the console window, select File > Add/Remove Snap-Ins.
- From the list, select Certificates.
- Click Add.
- Select the radio button for My User Account.
- Click Finish > OK.
- From the left pane, click Certificate - Current User > Trusted Root Certificate Authorities > Certificates.
- From the list, confirm that "VeriSign Class 3 Public Primary Certificate Authority - G5" exists (expires 7/16/2036).
If this is missing, use the above link to download the certificate. Once downloaded, perform the following steps:
- From the left pane, right-click Certificates folder > All Tasks > Import.
- Certificate wizard will appear and click Next.
- Click Browse and browse to the downloaded file.
- Click Open > Next.
- Select the radio button for Place all certificate in the following store.
- Click Browse > Trusted Root Certification Authorities.
- Click Next > Finish.
Scenario 2: Other return codes
To further debug WinTrustVerify issues, navigate to the problematic file listed in the debuglog.log
and perform the following steps:
- Right-click the file and click Properties.
- Select the Digital Signatures tab.
- From the list, select Pulse Secure.
- Click Details.
- From the general tab, it will provide additional information why certificate validation is failing.