When you install a PU, SCU, or Quick Fix the Installation wizard displays an error regarding validation of the digital certificate failed and shows a path to a .cab file.

 The setup will exit now as the installer has failed to validate the digital certificate for the following files: \n <Path and Filename in error varies>

The certificate changed in which the updates are validated against in Feb 2014.

There for with restrictive security policies may prevent  the Symantec CCS system from validating the files because the new certificate may not be able to be installed to the Certificate Store.

 You must manually install the VeriSign Class 3 Primary CA Certificate - G5 to the Trusted Root Certificate Store.

Download VeriSign Class 3 Primary CA Certificate - G5

To install this certificate for the Domain, contact the domain administrator to ensure internal policies/procedures are followed.

To install this certificate to the local machines Trusted Root Certificate Store

1. From the Start button, type mmc in the Search text box and press Enter.
2. In the Console that opens, on the File menu click Add/Remove Snap-in.
3. From Available snap-ins select Certificates and click Add.
4. In the Certificates snap-in window choose Computer Account and click Next.
5. For Select Computer choose Local computer and click Finish.
6. In Add/Remove Snap-ins click OK.
7. In the left pane expand Certificates (Local Computer).
8. Right-click Trusted Root Certification Authorities and click All Tasks > Import.
9. Follow the Import Wizards instructions to select the new Certificate and import it.

 Install the PU, SCU, or Quick Fix.

Applies To

Symantec CCS is in a zone with a restrictive security policies applied.