This might be a regression, though I haven't dug to history to see if it was intentionally changed back.
Ref: http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Certificate-install-to-local-machine-fails-with-code-26352-td1121050.html >From the current certutil.cpp if (!::CertAddCertificateContextToStore(hStore, pCertContext, CERT_STORE_ADD_REPLACE_EXISTING, NULL)) { ExitWithLastError(hr, "Failed to add certificate to the store."); } And from the linked thread the suggestion was: To fix this, you should just be able to change the calls in the IIS extension source (scacertexec.cpp and scacert.cpp) to CertAddCertificateContextToStore. Instead of using CERT_STORE_ADD_REPLACE_EXISTING, you can use CERT_STORE_ADD_USE_EXISTING. This updates the current cert instead of duplicating it, and the test case detailed above should pass. You will notice that the certificate will be listed in both the registry and group policy physical stores, but I don't think there's anything we can do about that. -----Original Message----- From: KaburagiS [mailto:skabur...@ntst.com] Sent: Friday, November 14, 2014 9:27 AM To: wix-users@lists.sourceforge.net Subject: [WiX-users] WIX Installation fails to Install Certificate to Root Certification Authorities for Some machines We have created a WIX installation MSI that installs certificates to machine store. It installs a root certificate (GoDaddy Class 2 Certification Authority) to the Trusted Root Certification Authorities. It works for most of machines, but it fails some machines. We suspected the group policy restrictions( http://technet.microsoft.com/en-us/library/cc754841.aspx), but the change did not resolve the problem. Below is a WIX definition and a portion of the log file that shows where the error occurs. <DirectoryRef Id="ApplicationDirectory"> <Component Id="G.Root.Cert" Guid="{C6672075-1BFB-4158-86B4-8DD6D26BBC12}"> <CreateFolder /> <iis:Certificate Id="GoDaddy.Class2.Certificate" Name="GoDaddy Class 2 Certificate" Request="no" StoreLocation="localMachine" StoreName="root" Overwrite="no" BinaryKey="GoDaddy.Class2.Binary" /> </Component> MSI (s) (B4:08) [11:58:21:952]: Executing op: CustomActionSchedule(Action=RollbackAddMachineCertificate,ActionType=11521,Source=BinaryData,Target=**********,CustomActionData=**********) MSI (s) (B4:08) [11:58:21:953]: Executing op: ActionStart(Name=AddMachineCertificate,,) Action 11:58:21: AddMachineCertificate. MSI (s) (B4:08) [11:58:21:953]: Executing op: CustomActionSchedule(Action=AddMachineCertificate,ActionType=11265,Source=BinaryData,Target=**********,CustomActionData=**********) MSI (s) (B4:40) [11:58:21:980]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI3EE3.tmp, Entrypoint: AddMachineCertificate MSI (s) (B4:D0) [11:58:21:981]: Generating random cookie. MSI (s) (B4:D0) [11:58:21:982]: Created Custom Action Server with PID 9920 (0x26C0). MSI (s) (B4:90) [11:58:22:042]: Running as a service. MSI (s) (B4:90) [11:58:22:043]: Hello, I'm your 32bit Elevated custom action server. AddMachineCertificate: Deleting certificate that begin with friendly name: GoDaddy Class 2 Certificate_wixCert_ AddMachineCertificate: Adding certificate: GoDaddy Class 2 Certificate_wixCert_1 AddMachineCertificate: Error 0x80070005: Failed to add certificate to the store. MSI (s) (B4!0C) [11:58:22:173]: Note: 1: 2205 2: 3: Error MSI (s) (B4!0C) [11:58:22:173]: Note: 1: 2228 2: 3: Error 4: SELECT Message FROM Error WHERE Error = 26352 The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 26352. The arguments are: -2147024891, , MSI (s) (B4!0C) [11:58:27:816]: Note: 1: 2205 2: 3: Error MSI (s) (B4!0C) [11:58:27:816]: Note: 1: 2228 2: 3: Error 4: SELECT Message FROM Error WHERE Error = 1709 MSI (s) (B4!0C) [11:58:27:816]: Product: Netsmart VR BA Prerequisites -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 26352. The arguments are: -2147024891, , AddMachineCertificate: Error 0x80070005: Failed to install certificate. AddMachineCertificate: Error 0x80070005: Failed to install per-machine certificate. CustomAction AddMachineCertificate returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox) Action ended 11:58:27: InstallFinalize. Return value 3. MSI (s) (B4:08) [11:58:27:961]: User policy value 'DisableRollback' is 0 MSI (s) (B4:08) [11:58:27:962]: Machine policy value 'DisableRollback' is 0 MSI (s) (B4:08) [11:58:27:972]: Executing op: Header(Signature=1397708873,Version=500,Timestamp=1163681610,LangId=1033,Platform=0,ScriptType=2,ScriptMajorVersion=21,ScriptMinorVersion=4,ScriptAttributes=1) We are puzzled as to what causes this problem. If you have any idea as to what causes this problem, it would be greatly appreciated. Thanks. -- View this message in context: http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/WIX-Installation-fails-to-Install-Certificate-to-Root-Certification-Authorities-for-Some-machines-tp7597941.html Sent from the wix-users mailing list archive at Nabble.com. ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
