Signature is Not Valid Error

Problem: During the package upgrade step, you receive a warning with the message:

Loading the package failed due to the following error: Signature is not valid.

The problem is likely that the machine hosting the User Interface service does not have the necessary Root Certificate (or is missing part of the Certification Chains leading up to the root) to validate the signature of the upgrade package.

Suggested solution:

1. To resolve the issue you should check that the machine hosting the User Interface service contains the root certificate named "DigiCert Assured ID Root CA," which has a serial # 0C:E7:E0:E5:17:D8:46:FE:8F:E5:60:FC:1B:F0:30:39.

   If this root certificate is missing, it can be downloaded from https://www.digicert.com/digicert-root-certificates.htm and installed as a trusted root certificate manually.

2. Another reason for this error would be that the machine hosting the User Interface service has been configured so that updating root certificates is disabled. To fix this, set the registry value HKEY_LOCAL MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot\DisableRootAutoUpdate to 0, and retry uploading the upgrade package.

   This will allow Microsoft to restore the missing root certificate during validation.