I was just about to post when I saw your answer.
I ghosted back to an image with 4.8.1201 just to see, and it verified correctly at once.
Not the intermediary cert from Verisign mentioned earlier in intermediary root store before or after verifying the cert. Not necessary to go on the Net to get the verification.
If I’m the only person not being on Net when verifying e.g. 1229 you will not be bothered of this from other customers.
Those not on Net and not having the intermediary root in store as with me, will fail verification and
questions will come I hope when the cert doesn’t verify. (That’s the point of code signing ).
I now feel that I have fulfilled my job in informing about a potensial problem. I am not that sure that
everybody sees the implications…
EDIT: Downloaded 4.8.1229 at 2.8.08, after imageing back some days. Setupeng.exe will still not verify correctly and this is not good enough for me. Installed 4.8.1201 which is trustworthy from what Windows tells me, and upgraded to 4.8.1229 thereafter. The whole point of digital signing is gone with setupeng for 4.8.1229. This is bad, especially for a security-firm. It diminishes the respect for diital signatures IMO.
EDIT: vezuv34; why not use your real forum name and save one hotmail-address. ;D