VMware Tools installation or upgrade may fail while installing VMCI driver
search cancel

VMware Tools installation or upgrade may fail while installing VMCI driver


Article ID: 345060


Updated On:


VMware vSphere ESXi


This article guides you through troubleshooting the installation of VMware Tools on guest operating systems.

VMware tools installation fails with error "Setup failed to install the VMCI Virtual Machine Communication Interface driver automatically. This driver will have to installed manually."


VMware vSphere ESXi 6.7


This issue happens as the Microsoft Root Certificate Authority missing or revoked from Trusted Root Authority store.


To resolve this issue you need to add the root certificate, follow the below steps:
  1. From the virtual machine where the VMware Tools installation/upgrade is failing with VMCI driver issue, go to “C:\Windows\System32\drivers”
  2. Right click on vmci.sys > Properties> Digital Signatures>Signature list.
  3. You will see the certificates used to sign for this driver. It might be one or more than one cert.
  4. Select the first name click on details and select “View Certificate
  5. Click on “Install Certificate”>Next and complete the wizard.
  6. You will get “The import was successful”, repeat the same steps for all "Signature list" under "Digital Signature".
  7. Now retry the VMware Tools upgrade/installation.

Note: if the certificate is expired, please open a Support Request with VMware support.

Additional Information

Anti-virus can also inhibit this installation/upgrade. Ensure anti-virus is disabled.


Starting with Windows Vista, the Plug and Play (PnP) manager performs driver signature verification during device and driver installation. However, the PnP manager can successfully verify a digital signature only if the following statements are true:

  • The signing certificate that was used to create the signature was issued by a certification authority (CA).

  • The corresponding root certificate for the CA is installed in the Trusted Root Certification Authorities certificate store. Therefore, the Trusted Root Certification Authorities certificate store contains the root certificates of all CAs that Windows trusts.

By default, the Trusted Root Certification Authorities certificate store is configured with a set of public CAs that has met the requirements of the Microsoft Root Certificate Program. Administrators can configure the default set of trusted CAs and install their own private CA for verifying software.


Capture get_app