When installing Active Roles, the following error is received
By default, some Windows Server installations do not recognize DigiCert as a valid certificate authority. In most cases, Windows Server will periodically download an updated certificate authority list from Microsoft.
Servers that do not have a live internet connection will not be able to download the updated certificate authority list, causing an invalid digital signature error.
To verify that this issue is present, check the following in the Active Roles setup file:
If The certificate in the signature cannot be verified is observed, this indicates that Windows does not recognize DigiCert as an authorized Certificate Authority.
To resolve this issue, download the following certificate files from the DigiCert site:
Once downloaded, install them on the affected server to the Trusted Root Certification Authorities Store. Afterwards, the Active Roles installer should run normally.