Ion/Catalyst/Proton Versions 4.3 and above
This KB provides guidance on how to install Browsium products on machines without internet access. If this guidance is not followed before installers are started, you may notice one of the following two errors:
1. A file that is required cannot be installed because the cabinet file disk1.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.
2. The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 12007.
There are situations where Browsium installers especially Proton and Client need to be installed on the machines without Internet Access. For the sake of simplicity, we will focus on steps needed to install Proton in the Eval mode.
Other than prerequisites, Proton Full version would also need to follow similar steps detailed here. Because the Full version has a lot of configuration options, we recommend contacting Browsium Support to tailor the instructions for your specific environment.
At a high level, the following steps need to be followed:
1. Ensure existence of the Root Certificates to validate the digital signatures.
2. Install Prerequisites for Proton Server.
Browsium Installers and binaries are signed and time-stamped like any other products and their digital signatures are verified by windows before executing them. The signature verification process in Windows involves outbound access to Certification Authorities if the information doesn’t exist on the local machine. Browsium products are dependent on following two Root Certificates
1. The UserTrustNetwork Cert Issued to AddTrust External CA Root with thumbprint – 02 fa f3 e2 91 43 54 68 60 78 57 69 4d f5 e4 5b 68 85 18 68
2. VeriSign Universal Root Certification Authority with thumbprint – 36 79 ca 35 66 87 72 30 4d 30 a5 fb 87 3b 0f a7 7b b7 0d 54
While it’s possible to obtain these certificates directly from their respective websites, the following steps detail one of the easier and more secure ways to obtain them:
1. Install Browsium Client on any machine with Internet access.
2. Open CertMgr.msc and navigate to “Trusted Root Certification Authorities” and “Certificates” under it.
3. During Browsium Client installation, Windows ensures ensures both the above root certificates are downloaded to the local certificate store.
4. Select both the certificates (ensuring the right thumbprint) and invoke Export action under All Tasks. Export each certificate as a type .P7B (Cryptographic Message Syntax Standard – PKCS #7) making sure to check ‘Include all certificates in the certification path if possible’.
5. Now on a machine without internet access, right click on the generated .P7B file and select ‘Install certificate’ using all default options to install the certificates into the new machine.
The following prerequisites are needed for setting up a one-box Proton Evaluation installation. Please install them in following order:
2. IIS Express 7.5 or higher – https://www.microsoft.com/en-us/download/details.aspx?id=1038
3. 2012 SQL Express SP2 or higher – https://www.microsoft.com/en-us/download/details.aspx?id=43351
4. SQL CLR Types (x86) – http://download.microsoft.com/download/F/E/D/FEDB200F-DE2A-46D8-B661-D019DFE9D470/ENU/x86/SQLSysClrTypes.msi (Used on x64 as well)
5. SQL Server 2012 SMO (x86) – http://download.microsoft.com/download/F/E/D/FEDB200F-DE2A-46D8-B661-D019DFE9D470/ENU/x86/SharedManagementObjects.msi (Used on x64 as well)
6. URL Rewrite Module for IIS – http://download.microsoft.com/download/C/9/E/C9E8180D-4E51-40A6-A9BF-776990D8BCA9/rewrite_amd64.msi