Unsigned File - Signature Verification Failure

Unsigned File - Signature Verification Failure

Postby lioninstreet » 11.10.2018, 23:52

While running wsol for xp32 updates, the warning showing:

could not find .\wsusoffline924\wsusoffline\cmd\unsigned
Warning: Deleted unsigned file unsigned files..

ERROR: File signature verification failure.

Press any key to continue

This appeared during the first download run as well as when I try a second run. On the second run the process actually stops at the error and when I press any key the download physically stops with an error window stating:

Error downloading / verifying updates for wxp enu. Would you like to view the log file now?

I found a handful of threads on the subject but wasn't 100% certain of the resolution (if any). Would there happen to be a fix on this or is wsol setup to ignore/delete the unsigned update files that MS is pushing out?
lioninstreet
 
Posts: 108
Joined: 21.06.2018, 00:06

Re: Unsigned File - Signature Verification Failure

Postby Dalai » 12.10.2018, 01:48

When using Sigcheck 2.30 you need to remove the -nobanner option in wsusoffline\cmd\DownloadUpdates.cmd, because the older Sigcheck versions don't understand/support this switch. Just open the DownloadUpdates.cmd file in your favorite editor and search for this string and remove it. But be careful not to change/remove anything else, especially any brackets.

Regards
Dalai
Dalai
 
Posts: 1041
Joined: 12.07.2016, 21:00

Re: Unsigned File - Signature Verification Failure

Postby lioninstreet » 12.10.2018, 17:44

Perfect, downloader will now complete the second download cycle on XP. Only 2 warnings this run

The following warning was shown.
Warning: Integrity database ..\client\md\hashes-wsus.txt not found

There was also a gateway timeout failure for the following update:
Warning: Download of http://download.windowsupdate.com/msdow ... ba8692.exe failed

I'm guessing on the next run the download above may not time out. Will watch for that.
I then checked the location above for the file hashes-wsus.txt. It is there and it does contain text. wsol just not seeing it?

Thanks for the support.
lioninstreet
 
Posts: 108
Joined: 21.06.2018, 00:06

Re: Unsigned File - Signature Verification Failure

Postby Dalai » 12.10.2018, 17:59

lioninstreet wrote:I then checked the location above for the file hashes-wsus.txt. It is there and it does contain text. wsol just not seeing it?

WSUS Offline will warn about missing hash files, but it will generate them after everything has been downloaded, so it won't complain on the next run (provided it isn't deleted).

Regards
Dalai
Dalai
 
Posts: 1041
Joined: 12.07.2016, 21:00

Re: Unsigned File - Signature Verification Failure

Postby lioninstreet » 12.10.2018, 19:24

I just happened to notice a similar answer regarding other hashes-xxx.txt files being missing. I should have searched first...

Download errors are now fully resolved. I'm left with a couple of general questions.

Re XP: Does wsol included the post 2014 updates being pushed for xp pos embedded?

Re W7: Are there any issues I should be aware of when updating a base OS that does not first contain SP1 the latest service pack (the only install I have doesn't contain SP1)?

When using wsol to download updates for a different OS (something else that is EOL like w2k3), should I open a different instance of 9.2.4 or can I use the one that has the xp updates in it? For w2k3 I may end up adding updates to .client\static\custom.

Your patience is appreciated. It's probably pretty easy to figure out that IT is not a day job for me so my training has been poor.
lioninstreet
 
Posts: 108
Joined: 21.06.2018, 00:06

Re: Unsigned File - Signature Verification Failure

Postby Dalai » 12.10.2018, 20:43

lioninstreet wrote:Re XP: Does wsol included the post 2014 updates being pushed for xp pos embedded?

WSUS Offline doesn't include anything. It relies (and depends) on the Windows Update catalog file wsusscn2.cab that contains the information about all updates that Microsoft has classified as security related. This might include XP POS updates, but I don't know. In any case, WSUS Offline never supported XP POS systems, so you're on your own when you try that.

Re W7: Are there any issues I should be aware of when updating a base OS that does not first contain SP1 the latest service pack (the only install I have doesn't contain SP1)?

I stronly recommend to download an ISO with integrated SP1, either directly via MS or with a tool like the one provided by Heidoc.net.

When using wsol to download updates for a different OS (something else that is EOL like w2k3), should I open a different instance of 9.2.4 or can I use the one that has the xp updates in it? For w2k3 I may end up adding updates to .client\static\custom.

I don't think it matters whether or not you use an independent instance of WSUS Offline or a new one. The updates won't interfere with each other either way.

Regards
Dalai
Dalai
 
Posts: 1041
Joined: 12.07.2016, 21:00

Re: Unsigned File - Signature Verification Failure

Postby boco » 12.10.2018, 21:50

WOU does not include the POS updates, as XP Embedded POSReady is an entirely different OS target. It will only get updates until the official EOL, plus a few emergency updates MS did release after EOL.
Microsoft update catalog: http://catalog.update.microsoft.com/v7/site/
Windows Install media download: https://support.microsoft.com/en-us/help/15088/windows-create-installation-media
boco
 
Posts: 2391
Joined: 24.11.2009, 17:00
Location: Germany

Re: Unsigned File - Signature Verification Failure

Postby lioninstreet » 13.10.2018, 02:15

Dalai, boco

I suppose I chose the wrong grammar when asking about wsol including the xp pos updates. What I understand you to say is wsol will not pull down the pos updates as wsol does not see it as a supported OS.

Thank you both for the arrow pointing and clarification today.
lioninstreet
 
Posts: 108
Joined: 21.06.2018, 00:06

Re: Unsigned File - Signature Verification Failure

Postby boco » 13.10.2018, 04:04

Yes, by applying the not-so-official regkey, you change your XP to resemble an XP Embedded POSReady. WOU will most probably see such a Windows as unsupported or support it only partially.
Microsoft update catalog: http://catalog.update.microsoft.com/v7/site/
Windows Install media download: https://support.microsoft.com/en-us/help/15088/windows-create-installation-media
boco
 
Posts: 2391
Joined: 24.11.2009, 17:00
Location: Germany

Re: Unsigned File - Signature Verification Failure

Postby lioninstreet » 15.10.2018, 02:54

Would this idea be a possible solution to capturing the post 2014 xp updates:

Once the XP system has been fully updated with wsus, wait a day and make the pos registry hack, download the additional updates, then isolate the install date to view installed updates and record the kb numbers. I could then use a program like WUMT (unless you could suggest something better) to identify the KB URL's and then capture them with a custom download in wsus.

Does this sound in theory like it would work?
lioninstreet
 
Posts: 108
Joined: 21.06.2018, 00:06

Next

Return to Download

Who is online

Users browsing this forum: No registered users and 42 guests