All FireDaemon software products verify their digital signature and trust chain during the installation and startup. This is primarily to ensure that the software has not been tampered with.
However, you might find your FireDaemon software product doesn't install, run, or work as expected. The symptoms you experience might include:
- FireDaemon installation executables and FireDaemon software product executables that ask for elevation show "Unknown Publisher" instead of "FireDaemon Technologies Limited" in the UAC popup
- The FireDaemon Pro GUI doesn't open
- FireDaemon Pro commands issued via the command line that requires a valid license to be present appear to do nothing and return with an exit code 1.
The primary cause for the software failing under these circumstances is that Windows has not been updated and more specifically the necessary chain of trust is not present to allow FireDaemon software products to run successfully. All FireDaemon software installers and executable are digitally signed using a DigiCert Authenticode certificate. FireDaemon requires the DigiCert trust chain to be installed on your computer. Normally, this is not an issue, however, in some environments - especially those that are air-gapped from the Internet or in corporate environments where patching is judicious you might find you have to deploy the Digicert trust chain manually.
In order to resolve this try the following
- Temporarily connect to the Internet and run your FireDaemon software product
- Fully patch Microsoft Windows either directly from the Internet or via WSUS or equivalent patch management system
- Ensure in Group Policy: Computer Configuration -> Administrative Templates -> System -> Internet Communication Management -> Internet Communication settings -> Turn off Automatic Root Certificates Update is not set to turned off. For more information see this Server Fault discussion.
- Look at other ways to ensure the necessary trusted root certificates are installed (e.g. download / import via certutil.exe -generateSSTFromWU roots.sst or use Administrative Templates).
Below are screenshots from the Group Policy Editor: