Just downloaded 4.8.1229 setup. Here is what I get when checking the signature:
Hope you understand a bit Norwegian
Edit:not marked as closed. Needs further investigation
Just downloaded 4.8.1229 setup. Here is what I get when checking the signature:
Hope you understand a bit Norwegian
Edit:not marked as closed. Needs further investigation
Maybe it got corrupted during the download?
Iād ask:
My Norwegian is a little ānon-extantā it used to be limited to ordering beer and food (but most spoke excellent English) on Arctic Warfare Training, many, many years ago.
My certificate displays fine but that is on the English setup file (setupeng.exe), so as Igor said it might be down to corruption.
Thanks for quick answer, Igor:
Alwils own site after a tip from a fiend who also got this. English version 4.8.1229.
Yes, already tried that
25,1 MB (26 401 600 byte) is the size.
MD5 is: 122052343BF305921F4C4714B7CB1A01
DavidR:
No, not corruption, but possibly my windows is missing an intermediary certificate.
This is as I said the ENGLISH setupfile of Avast (setupeng.exe). But I have Norwegian Windows XP SP3
What about your size and MD5, do they match?
setupeng.exe should be 26 941 368 bytes longā¦
By accident I tried checking the signature again while beeing on the net which I never usually do.
Windows explorer aked for connection via ZoneAlarm, I let it go and some of my windows certificates got
updated bb Windows Update.
Now it verifies just fine.
As far as I can see an intermediate certifiate from Verisign got updated. That was obviously the missing link here.
I thought intermediary certificates were supposed to follow the object they belonged to?
Certs are definitely NOT my strongest side.
Igor: I was writing while you were answering. I will come back soon.
I downloaded english setup from another machine and it still is:
26 401 600 bytes there too. Did you forget to include a new intermediary certificate or something.
Mine validates fine after updating my Wind0ws cert store, and as far I can see the second certificate
in the chain was added under intermediary certs.
Now it verifies fine.
I just downloaded setupeng.exe via CNET and its size is 26 401 600.
And it does not verify correctly on my machine.
Has anybody else tried downloading setupeng.exe?
I just downloaded from CNET.
Size matches and digital signature is verified.
I suppose you mean that it matches Igors size?
I know it might seem that Iām kidding, but I am not.
I will try to download AFTER I have upgraded cert store on my XP SP3.
Iām back, hopefully my last post in this threadā¦
I have used 3 different machines and it has been difficult to pinpoint the problem.
Conclusion is that to verify this Avast certificate, it is necessary to have an intermediate
certificate that I donāt have had lately on any of my machines.
If I download setupeng.exe without having the certificate the size is 26 401 600, and cert validation
fails. I can get it to show up correctly by letting Windows explorer update my rootcerts(crypt32) by letting it go on the net while showing the cert tab. It will download the missing cert and avast validates correctly. The size of setupeng.exe remains the same 26 401 600.
If I now repeat the download without touching the cert store, setupeng.exe is 26 941 368, and cert validation goes ok at once.
Still confused?, I am.
For those interested the intermediary cert is Verisign Class 3 Code signing 2004 CA
valid from 16.7.2004 to 16.7.2014. The id of the cert starts with 4191a1ā¦
Obviously a useful certificate.
Thanks for help.
I canāt imagine how a certificate update could change the downloaded size.
Iād say itās just a coincidenceā¦ and there was some cache (or possibly a transparent proxy in your network or on the way) that held the corrupted file and kept returning it. Now, (maybe a timeoutā¦ or a cache clear caused by the certificate update) the file is finally downloaded again, and correctly this time.
Just a guess though.
Hmm, regarding the sizeā¦ itās actually possible that the installers have been updated yesterday (not a new program version though) - so maybe we were downloading different files.
Strange anyway.
Thanks for your interest, Igor.
But I have to say:
I downloaded 4.8.1229 three days ago on one machine, and it didnāt verify correctly at once.
But after I let WINDOWS explorer take a trip to the net(which i usually never do), the file verified correctly and I installed it and it works as a charm so no corruption.
The size was and is 26 401 600 and now it still verifies correctly.
I got curious and eventlog showed that crypt32 had updated my rootstore in XP SP3.
At the same time the intermediate cert mentioned earlier in this thread got back.
I downloaded 4.8.1201 four weeks back, and as far as I can see it uses the same root and intermediate
cert as 4.8.1229. It verified correctly at once then.
By now I canāt replicate anything of this because the intermediate cert canāt be deleted.
I delete it, restart and it still is there without even going to the net.
Downloading 4.8.1229 gives the 26 941 368 version now.
AFAIK there is 2 problems here:
Why should my Verisign intermediary cert at approximately the same time disappear on 3 machines.
By now I canāt delete it at all even if I want.
Why should I get a āsmallā version of Avast at the same time.
I noticed by using a hexedit that there is much Verisignstuff at the end of the setupeng.exe file.
Perhaps these 2 problems are interrelated in some way?
Perhaps only Verisign has the answer
I will try to pinpoint when this happened by using some of the many images of my whole system that I have.
Maybe you can get your answer from the following website:
http://www.verisign.com/support/index.html
Thanks for your suggestion.
I was there yesterday without any success.
Everything is working fine, even exported a copy of the mentioned intermediary cert.
Cust curious about what happened on 3 machinesā¦
HL
Hei!
A short update:
Ghosted back 2 days.
Downloaded Avast from Alwils site setupeng.exe
Size this time was indeed 26 941 368 bytes which sounds good.
Before chenking the signature of Avast, I checked the signature of a couple of newly
installed programs first. Opera 9.51 and JRE 6 update7. These 2 have in commen that they
use the same root and intermediary certs as Avast does. Both verified ok as expected as they
verified correctly before. I was not on net while verifying.
So I went to Awast, it didnāt verify at once, same message as in my first post in this thread.
I was on net while checking and WINDOWS explorer went out.
Rootcerts were updated (crypt32 message in Eventlog).
Then everything validated correctly.
For those very interested I can tell that this intermediary cert was NOT listed in cert store
before I began this test. The 2 programs I mentioned obviously found it somewhere.
After Avast had been verified correctly, this intermediary cert is listed, but it canāt be deleted.
So Avast behaves a bit different from the 2 other programs in cert checking from now on.
4.8.1201, when tested before, behaved as the two other mentioned programs.
I donāt know if this is a general or special problem and I donāt know how many check their
digital signatures. I hope this info is useful for you.
For me it is case closed (again)
Thanks for reading.
HL
I must say I donāt know much about the certificates or how exactly they work.
However, if thereās really some āproblemā (something has expired and needs to be updated from Microsoft) with verification of avast! signatures, it would explain other problems that start to appearing (e.g. this one)ā¦
Maybe itās because we now have a new Verisign certificate (used in builds 1227/1229). It was issued to us about a month ago, while the other one expired a week ago or soā¦
Maybe the new certificates that Verisign now issues are somewhat different?