SCCM 2012: SCCM 2012 SP1 Client update failed. Error: “Couldn’t verify ‘C:\Windows\ccmsetup\MicrosoftPolicyPlatformSetup.msi’ authenticode signature. Return code 0x800b0101
January 14, 2013
Posted by on
UPDATE: Microsoft published updated binaries for SCCM 2012 SP1 addressing this (and other minor) issues. You should use this new file set for new installations. Links are here: http://blogs.technet.com/b/gladiatormsft/archive/2013/01/26/you-may-need-to-re-download-configuration-manager-2012-and-endpoint-protection-2012-sp1-binaries.aspx
I upgraded my Lab SCCM to 2012 and decided to try “Client autoupdate” feature introduced with SCCM 2012.
Unfortunately the attempt failed and I saw
Couldn’t verify ‘C:\Windows\ccmsetup\MicrosoftPolicyPlatformSetup.msi’ authenticode signature. Return code 0x800b0101
in ccmsetup.log on the Client.
Signing certificate for the msi looks like:
so it looks expired for me
Fortunately Microsoft published http://support.microsoft.com/kb/2801987 – Cumulative update 0 (CU0) including an update (download)
I download the update and ran it on my SCCM
it did not pass from the first time, of course:
I should say the warning is a bit confusing – from the first sentence – Reboot is not required, from the second – I must restart the computer. . Reboot the server and try again!
This time it looks better:
and proceed with install:
Checking certificate again:
and the msi is validated successfully and the client is installed:
Do not forget to deploy the update to another Primary servers.
Anoop found some confusion between KB and the update wizard: http://anoopcnair.com/2013/01/14/configmgr-2012-sp1-kb-2801987-confusing-information-in-kb-article-vs-wizard/
I still think the updates is not necessary for CAS…