Hi Samuli, On 08/09/16 10:11, Samuli Seppänen wrote: >> On Wed, Sep 7, 2016 at 8:03 PM, Samuli Seppänen <sam...@openvpn.net >> <mailto:sam...@openvpn.net>> wrote: >> >> >> The SHA1 signature is/was needed to support Windows Vista. It was >> created using a normal (non-EV) kernel-mode Authenticode certificate. >> >> >> As far as I'm aware, a fully patched WinXP box fully supports SHA2 - so >> you shouldn't have any issues with Vista+? > This Windows XP installer is signed with the new SHA2 code-signing > certificate: > > <http://build.openvpn.net/downloads/snapshots/openvpn-install-2.3.12-I001-winxp-sha2-test-i686.exe> > > If a fully-patched Windows XP understands SHA2 Authenticode signatures > then it should not show "Unknown publisher" in "File properties" dialog > for the installer, executables or libraries. The tap-windows driver is > still signed with the old key, so that cannot be used to validate the > signature. > > Does anyone have a fully-patched Windows XP system to test the above > installer on?
I just tested it in an WinXP VM that should have all patches applied. The installer failed with "There was a problem installing the TAP driver". After a reboot the driver was reported missing (error #39) and I had to do a 'rollback driver' to get the original (NDIS5) driver back. Is there a log file I can send you? share & enjoy, JJK ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
