Use the search and browse feature to view Kepware's repository of more than 500 Knowledge Base articles. Narrow your results or type your query into the search field below.

Search Solutions Results By: View All Solutions

Kepware Knowledge Base: Solution


The Runtime Will Not Start and the Windows Event Viewer Reports Invalid configuration detected: The build manifest is invalid


Last Update: 11/12/2018

Problem:
The code signature verification that the Runtime uses to verify the product's integrity is failing with error 0x80092026: "The cryptographic operation failed due to a local security option setting."

Possible Cause:
This error is most likely because the Enable Trusted Publisher Lockdown group policy setting is checked, and the KEPServerEX certificate is not in the Trusted Publishers certificate store.

Solution:
View the setting in the Local Group Policy Editor by clicking Group Policy | User Configuration | Windows Settings | Internet Explorer Maintenance | Security | Authenticode Settings. For information on adding the KEPServerEX certificate to the Trusted Publishers certificate store, refer to the instructions below.

  1. To start, open Windows Explorer and browse to the KEPServerEX install directory.
  2. Next, right-click on server_runtime.exe and select Properties.
  3. Open the Digital Signatures tab and select the first signature in the list.
  4. Then, click Details | View Certificate.
  5. Next, open the Details tab and click Copy to File.
  6. Click through the wizard and save as "DER". Then, open the Run command line.
  7. Type "mmc" and then click OK.
  8. In the Management Console, click File | Add/Remove Snap-ins.
  9. Next, select Certificates and click Add.
  10. Then, select Computer account and click Next.
  11. Verify that the selection is set to Local Computer, and then click Finish.
  12. To complete the addition of the Certificates snap-in, click OK.
  13. Next, expand the Certificates tree and right-click on Trusted Publishers and select All Tasks | Import.
  14. Then, use the import wizard to import the newly-saved certificate file.

Note: The Kepware Technologies certificate should now be displayed in the Certificates store under Trusted Publishers. Users attempting to start the server runtime service should succeed.

Related Products
KEPServerEX