Reset Search
 

 

Article

KB28092 - "Invalid signature" messages are displayed in Pulse Secure Desktop client debug logs

« Go Back

Information

 
Last Modified Date8/1/2015 9:45 PM
Synopsis
This article explains why "invalid signature" messages are displayed in the Pulse Secure Desktop Client debug logs for dll files and how the issue can be addressed.
Problem or Goal

While installing the Pulse Secure Desktop Client some clients running Windows OS, an invalid signature error is displayed in the Pulse Secure Desktop Client debug logs.

00239,09 2013/08/11 13:48:35.562 1 SYSTEM dsAccessService.exe dsAccessService p1524 t3E8 accessPluginLoader.cpp:113 - 'AccessService' plugin C:\Program Files\Common Files\Juniper Networks\8021xAccessMethod\8021xAccessMethod.dll, invalid signature


00239,09 2013/08/11 13:48:35.578 1 SYSTEM dsAccessService.exe dsAccessService p1524 t3E8 accessPluginLoader.cpp:113 - 'AccessService' plugin C:\Program Files\Common Files\Juniper Networks\Integration\IntegrationAccessMethod.dll, invalid signature

Cause
Pulse Secure Desktop Client software library files (.dll files) are signed by VeriSign Class 3 Code Signing CA.

The error is due to the Root Certificate Authority Certificate missing from the local computer certificate store of the Windows machine where Pulse Secure Desktop Client is installed.
Solution
Perform the following checks:
 
  1. Ensure all the latest Windows updates and patch levels have been applied to the computer; Microsoft periodically updates Root CA's, Sub CA's in the windows machine certificate store.  Not applying Windows updates and patches is also a security risk.
  2. Confirm the VeriSign Class 3 Code Signing CA is installed. This will allow the Pulse signature verification to pass successfully.
    Alternatively, you can also download VeriSign root CA from:
    http://www.verisign.com/repository/roots/root-certificates/PCA-3G5.pem
  3. After the Root CA installation is confirmed, re-run Junos Pulse.  Below is a sample of a Junos Pulse debug log where the Pulse dlls are verified successfully.
    00245,09 2013/08/26 12:25:17.842 4 SYSTEM dsAccessService.exe dsAccessService p4060 tE68 verify.cpp:213 - 'dsVerifySignature' C:\Program Files\Common Files\Juniper Networks\Integration\IntegrationAccessMethod.dll signed by Juniper Networks and verified
    00157,09 2013/08/26 12:25:17.842 4 SYSTEM dsAccessService.exe dsAccessService p4060 tE68 verify.cpp:230 - 'dsVerifySignature' verifySignature complete with result 1

    00244,09 2013/08/26 12:25:17.967 5 SYSTEM dsAccessService.exe dsAccessService p4060 tE68 accessPluginLoader.cpp:111 - 'AccessService' plugin C:\Program Files\Common Files\Juniper Networks\8021xAccessMethod\8021xAccessMethod.dll, verifying signature...
    00227,09 2013/08/26 12:25:17.967 4 SYSTEM dsAccessService.exe dsAccessService p4060 tE68 verify.cpp:46 - 'dsVerifySignature' verifying signature on C:\Program Files\Common Files\Juniper Networks\8021xAccessMethod\8021xAccessMethod.dll
    00245,09 2013/08/26 12:25:17.983 4 SYSTEM dsAccessService.exe dsAccessService p4060 tE68 verify.cpp:213 - 'dsVerifySignature' C:\Program Files\Common Files\Juniper Networks\8021xAccessMethod\8021xAccessMethod.dll signed by Juniper Networks and verified
    00157,09 2013/08/26 12:25:17.983 4 SYSTEM dsAccessService.exe dsAccessService p4060 tE68 verify.cpp:230 - 'dsVerifySignature' verifySignature complete with result 1



NOTE: For assistance with identifying the certificates installed on your system or the Windows update and patch levels please contact your local IT resources.
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255