Solved

Why doesn't a Run button display when an MSI is downloaded from my site?

Posted on 2011-03-23
7
366 Views
Last Modified: 2012-08-13
We have an online store that delivers MSI packages over an SSL connection.  IE9 clients that click on the link to download see a Run, Save, View Downloads bar at the bottom of the screen.  If they select to Run, after the download, and after the security scan, the Smart Screen bar presents buttons to Delete, Actions, or View Downloads.  "Delete" is the recommended action.

When I download an MSI from another site, for instance, the TortoiseSVN client from tigris.org, and I select to Run, the installer starts right up.  Obviously, IE9 thinks the SVN client MSI is safer than the MSI for my product.  Why?  Is there anything I can do to demonstrate to IE9 that my product is trustworthy?

I know I can instruct my clients to "Run Anyway" despite IE9's warning them off, but this is not a good customer experience.  What makes Tigris more trustworthy than my company?
0
Comment
Question by:skip_sailors
  • 5
  • 2
7 Comments
 

Author Comment

by:skip_sailors
ID: 35203537
If it helps clarify, we didn't see this behavior in any previous version of IE, nor in Safari or FireFox or Chrome.
0
 
LVL 76

Expert Comment

by:arnold
ID: 35206718
Because the TortoiseSVN is signed. If you have a local CA and sign your product, you will get the same behavior within the CA's LAN or on systems that have your local CA defined as trusted authority.
0
 

Author Comment

by:skip_sailors
ID: 35207461
arnold,

My MSIs are signed.  I can right-click on the MSI and see the digital signature, and the timestamp from when that was done.  We obtained a signing certificate September last year and it is valid till September this year.

Does this suggest that my CA is not trusted?
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 76

Expert Comment

by:arnold
ID: 35207801
Possibly or the CA's certificate is not seen by IE as trusted.
I have not downloaded/use IE9 so it is all guess work based on your description.
IE9 is unable to validate/verify the CA.
 
0
 

Author Comment

by:skip_sailors
ID: 35207884
I will explore this with my CA, and return with the results of what I find.  That seems a good place to start.
0
 

Accepted Solution

by:
skip_sailors earned 0 total points
ID: 35870422
0
 

Author Closing Comment

by:skip_sailors
ID: 35900293
I spent way too much time talking to Microsoft support, researching, and finally finding a set of blog articles that let me understand this behavior.  I can't fix it, I have to live with it.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now