Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 381
  • Last Modified:

Why doesn't a Run button display when an MSI is downloaded from my site?

We have an online store that delivers MSI packages over an SSL connection.  IE9 clients that click on the link to download see a Run, Save, View Downloads bar at the bottom of the screen.  If they select to Run, after the download, and after the security scan, the Smart Screen bar presents buttons to Delete, Actions, or View Downloads.  "Delete" is the recommended action.

When I download an MSI from another site, for instance, the TortoiseSVN client from tigris.org, and I select to Run, the installer starts right up.  Obviously, IE9 thinks the SVN client MSI is safer than the MSI for my product.  Why?  Is there anything I can do to demonstrate to IE9 that my product is trustworthy?

I know I can instruct my clients to "Run Anyway" despite IE9's warning them off, but this is not a good customer experience.  What makes Tigris more trustworthy than my company?
0
skip_sailors
Asked:
skip_sailors
  • 5
  • 2
1 Solution
 
skip_sailorsAuthor Commented:
If it helps clarify, we didn't see this behavior in any previous version of IE, nor in Safari or FireFox or Chrome.
0
 
arnoldCommented:
Because the TortoiseSVN is signed. If you have a local CA and sign your product, you will get the same behavior within the CA's LAN or on systems that have your local CA defined as trusted authority.
0
 
skip_sailorsAuthor Commented:
arnold,

My MSIs are signed.  I can right-click on the MSI and see the digital signature, and the timestamp from when that was done.  We obtained a signing certificate September last year and it is valid till September this year.

Does this suggest that my CA is not trusted?
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
arnoldCommented:
Possibly or the CA's certificate is not seen by IE as trusted.
I have not downloaded/use IE9 so it is all guess work based on your description.
IE9 is unable to validate/verify the CA.
 
0
 
skip_sailorsAuthor Commented:
I will explore this with my CA, and return with the results of what I find.  That seems a good place to start.
0
 
skip_sailorsAuthor Commented:
0
 
skip_sailorsAuthor Commented:
I spent way too much time talking to Microsoft support, researching, and finally finding a set of blog articles that let me understand this behavior.  I can't fix it, I have to live with it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now