Re: Error "Could not find trusted signer"

iinfi · ‎11-24-2011

Hi All,

I am trying to customise ESXi 5.0 installation by using PowerCLI image builder and VMware depot file as the base. i need to add some NIC drivers during the customization and create a bundle .zip file to be used during autodeploy.

Using Image Builder through PowerCLI, I am able to use Add-EsxSoftwareDepot to add the base VMware Autodeploy depot file and also add the NIC driver as software packages (using Add-EsxSoftwarePackage).

I am also able to export the new profile image to a bundle or ISO.

Using the bundle when I try to run the Export-EsxImageProfile command it throws an error “Could not find a trusted signer”. This is because the NIC drivers are self-signed by the vendor and not signed by a trusted source.

At this stage I am able to get through using –NoSignatureCheck and proceed with creating the .zip or ISO file.

Now when I connect to the vCenter server using PowerCLI and create a New-DeployRule I face the same error. "Could not find trusted signer"
This time, I see that the new deploy rule command doesn’t have a –NoSignature check parameter.

I extracted the ZIP and added the certificates in the VIB to vCenter server’s trusted root. I ran the New-DeployRule command again, and still face the same error.

I am looking for a workaround for this so that I can test the new NIC’s. I have tried to make this work by changing the acceptance level to CommunitySupported and also the Set-ExecutionPolicy in PowerShell to Bypass/Allsinged/RemoteSigned. Still I face the same error.

thanks...

iinfi · ‎11-26-2011

slightly away from the topic.. how does vCenter read certificates/signatures?

does it trust all certificates which are in the trusted root of the vCenter server?

iinfi · ‎12-01-2011

passing the following on PowerShell/PowerCLI did the trick

PS> $DeployNoSignatureCheck=$true

iinfi · ‎12-01-2011

got help myself

sorabhk5 · ‎12-02-2011

Thats the best help and thanks for sharing though.

All opinions expressed here are my personal opinions and not of my employer. Thanks #Sorabh [[ http://sorabhk5.in or @sorabhk5 ]]

admin · ‎04-22-2012

Hi iinfi,

I hit the same issue and the '$DeployNoSignatureCheck=$true' works! Thank you.

But I want to know how you find this solution? Is $DeployNoSignatureCheck kind of global variables? I have some idea about you find it.

satishma · ‎07-27-2012

Hi,

I am facing the same problem "Could not find a trusted signer." when I tried to run new-deploy command for autodeploy. As I am using out-of-box NIC VIB file for my autdeploy server.

I am facing signature error for my vib file which don't have the signature, I tried passing the following on PowerCLI but still I am facing the problem.

PS> $DeployNoSignatureCheck=$true

Error message:

New-DeployRule : 7/27/2012 9:23:58 AM New-DeployRule Could not find a trusted signer.
At line:1 char:15

Thanks in advance for your help,

Satish

dbutch1976 · ‎07-28-2014

Same error, same fix. Thanks!

dbutch1976 · ‎08-22-2014

$DeployNoSignatureCheck=$true worked for me. Thank-you thank-you thank-you!