What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

The signature of my PRTG server is not valid. What can I do?

Votes:

0

Your Vote:

Up

Down

After an update of PRTG, PRTG Server.exe does not start anymore. At the end of the installation, when the PRTG services try to restart, I get the following error message:

PRTG Webserver could not be started properly. Signature of C:\Program File(x86)\PRTG Network\64 bit\PRTG Server.exe is not valid.

Trying to manually restart PRTG does not work either, the service just stops. What can I do about the invalid signature of the PRTG server? How can I get PRTG up and running again?

crash error error-messages invalid-prtg prtg prtg-server-exe restart signature

Created on Sep 22, 2015 3:40:29 PM by  Gerald Schoch [Paessler Support]

Last change on Jul 15, 2019 12:14:59 PM by  Maike Guba [Paessler Support]



9 Replies

Accepted Answer

Votes:

2

Your Vote:

Up

Down

This article applies as of PRTG 22

Solving an invalid signature of PRTG Server.exe

If you suddenly cannot start PRTG Server.exe anymore after a new installation of PRTG (for example, an update) because of an invalid signature, check the security settings in the environment in which you are running PRTG. The error message PRTG Webserver could not be started properly. Signature of C:\Program File(x86)\PRTG Network Monitor\64 bit\PRTG Server.exe is not valid. can hint at an issue with the certificate authority (CA) verification.

This CA issue can result in the following:

  • PRTG services cannot start.
  • The PRTG setup cannot be executed.
  • Remote probes cannot update.

Note: The exact path in the error message depends on the directory and Windows version on the computer where you have installed PRTG. For a 32-bit Windows system, the error message would be Signature of C:\Program File(x86)\PRTG Network Monitor\32 bit\PRTG Server.exe is not valid.

Digital signatures and security requirements

In certain IT environments, security requirements do not allow you to download any updates from the internet. In this case, it might not be possible to verify the digital signature that is associated with the application PRTG Server.exe, for example. You have to manually apply updates to avoid this issue.

First, try to install the following root certificates from DigiCert. The first root certificate is sufficient in most cases, but in some cases you will also need the second one. Import these certificates into the Trusted Root Certificates of the PRTG core server system and also of remote probe systems:

  • DigiCert Assured ID Root CA Valid until: 10/Nov/2031 Serial #: 0C:E7:E0:E5:17:D8:46:FE:8F:E5:60:FC:1B:F0:30:39 Thumbprint: 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
  • DigiCert SHA2 Assured ID Code Signing CA Valid until: 22/Oct/2028 Serial #: 04:09:18:1B:5F:D5:BB:66:75:53:43:B5:6F:95:50:08 Thumbprint: 92C1588E85AF2201CE7915E8538B492F605B80C6

Notes

  • Import the certificates via Microsoft Management Console (MMC) into the certificate store of the local system. Otherwise, the certificates might be valid for the current user account only.
  • Windows Server 2003 does not support SHA-2 certificates out of the box. For details, see Updating PRTG on Windows 2003 fails because of invalid certificate. What can I do?
  • One of our customers who got the invalid signature message applied the latest Microsoft Root certificates to the system. This made the Trust CA able to verify the digital signature of the PRTG executable file, so PRTG was allowed to start again. If you have similar security settings in your data center, check the CA verification and try updating your root certificates.

Other reasons for an invalid PRTG signature

If pinpointing the invalid signature issue to your security requirements does not help you to start PRTG, roll back to the version of PRTG previous to the update and get PRTG up and running again as soon as possible.

If the previous version works properly, try to reproduce your issue with exactly the same security settings on a spare test system or virtual machine (for example, use the PRTG freeware edition for this test). This approach ensures that this is not a one-off incident on the current PRTG host.

If the same issue happens again on the test machine, right-click PRTG Server.exe in the 64-bit or 32- bit subfolder of the PRTG program directory, open Properties, and send us a screenshot of the Signature part. This way, we can check the signature for PRTG delivered by Paessler and suggest other solution steps that are specific to your situation.

More

Created on Sep 22, 2015 3:42:47 PM by  Gerald Schoch [Paessler Support]

Last change on Jun 30, 2022 8:42:23 AM by  Brandy Greger [Paessler Support]



Votes:

1

Your Vote:

Up

Down

I had this problem when I installed a trial of PRTG on a Windows Server 2012 R2.
I tried to apply all Windows Updates, but it didn't help.

What solved the issue for me was I had to manually import the CA from Comodo. Download the cert from AddTrustExternalCARoot and follow the guide from Comodo's Knowledgebase. Slightly modified for Windows Server 2012 R2 but mostly the same.

Created on Nov 19, 2015 9:04:40 AM by  JEPSH (10)

Last change on Aug 12, 2016 7:04:26 AM by  Luciano Lingnau [Paessler]



Votes:

1

Your Vote:

Up

Down

I never had this issue before, but experienced it when upgrading from ver 15.1.13.1312 to ver 16.1.21.1422. Adding the cert linked above to my Trusted Root certificate store resolved it. CN=AddTrust External CA Root

Thanks All.

Created on Feb 2, 2016 12:04:58 AM by  Curtis Kayfish (70) 2 1

Last change on Aug 12, 2016 7:05:09 AM by  Luciano Lingnau [Paessler]



Votes:

1

Your Vote:

Up

Down

Worked after downloading and installed the "DigiCert Assured ID Root CA" from:

Created on Mar 23, 2016 12:46:10 PM by  Christianr (10) 1

Last change on Aug 12, 2016 7:05:44 AM by  Luciano Lingnau [Paessler]



Votes:

0

Your Vote:

Up

Down

Thanks for sharing your solution Christian!

Best regards, Felix

Created on Mar 24, 2016 6:27:22 AM by  Felix Saure [Paessler Support]



Votes:

0

Your Vote:

Up

Down

It did NOT help to install the certificates from the article:

  • DigiCert Assured ID Root CA
  • DigiCert SHA2 Assured ID Code Signing CA

I removed them.

It worked with "DigiCert Assured ID Root CA".

By the way... why do you have something so special? I have many many software in my disconnected environment (no direct access to internet), but fully up-to-date with patches via WSUS... and you are the only software with that issue.

Anti-virus and all the other rsecurity related tools work fine... ... maybe you should consider changing the CA you use or the system you use?

Created on Apr 14, 2016 9:43:20 PM by  CheckMe (0)

Last change on Aug 12, 2016 7:06:22 AM by  Luciano Lingnau [Paessler]



Votes:

0

Your Vote:

Up

Down

Issue: PRTG Core Server Service could not be started (after upgraded)

Error:

  • PRTG Core Server Service service on local computer started and then stopped. some services stop automatically if they are not in use by other services or programs.
  • Sorry, could start PRTG Core Server (Wed server) Signature of C:\Program Files (x86)\PRTG Network Monitor\64bit\PRTG server.exe is not valid.

Solution:

  1. Download “DigiCert Assured ID Root CA
  2. Install Certificate “DigiCert Assured ID Root CA” to "Trusted Root Certificates Authorities" Watch this video for instructions
  3. Copy “DigiCert Assured ID Root CA” to "Computer Store"
  4. Restart PRTG Core Server

Created on Jun 8, 2017 3:25:01 PM by  Do, Vien H. (0) 1

Last change on Nov 17, 2020 4:16:45 PM by  Luciano Lingnau [Paessler]



Votes:

0

Your Vote:

Up

Down

Hi, I could not solve this problem with a server NOT connected to the Internet, the only solution in my case was to install an older version of PRTG (19.2.50) and manual activation of the license.

Created on May 16, 2022 1:27:09 PM by  MarcelaS (0) 1



Votes:

0

Your Vote:

Up

Down

Hello,

the method described in the article should work.

In case you have the alpha version of the new interface activated, if you deactivate and update, and add the new Digicert certificate, does PRTG then start?

Created on May 17, 2022 11:43:41 AM by  Arne Seifert [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.