On fresh Install of signed installer, .msi in %TEMP%\mia# has invalid certificate
Posted: Wed Aug 17, 2022 9:52 am
So I've had a report of a customer not being able to install our product given their cyber security app is not letting any .msi that doesn't have a valid certificate go through. Through some investigation, we've found that after launching the signed .exe of the Installer, it extracts content to the C:\ProgramData directory that contains a .exe, .msi, and mia.lib files that all have valid certificates. However in either the %TEMP%\mia1 or %TEMP%\mia2 directories there a .msi with the same file name as the .msi in the ProgramData directory that has an invalid certificate.
When doing a fresh install, is the extraction of things into %TEMP% modifying the contents of the file such that the certificate no longer lines up?
I say fresh install as if I run the repair/modify/uninstall for the product, the newly extracted .msi file in %TEMP% has a valid certificate. I'm trying to understand what the fresh install is doing here to trash the certificate on the .msi in the temp directory.
When doing a fresh install, is the extraction of things into %TEMP% modifying the contents of the file such that the certificate no longer lines up?
I say fresh install as if I run the repair/modify/uninstall for the product, the newly extracted .msi file in %TEMP% has a valid certificate. I'm trying to understand what the fresh install is doing here to trash the certificate on the .msi in the temp directory.