Skip to main content
Matrix42 Self-Service Help Center

Patch Management Scan Package cancels with error "Signing certificate validation failed"


The following error appears in the PM_ScanTrace.log if the client does not have the necessary certificates to

validate the patch catalog:

patchScanEngine::CScanner92::CScanner92InterfaceImpl::Initialize invalid operation: class STCore::CInvalidOperationException at Opc.cpp:1466: Signing certificate validation failed in 'C:\EmpirumAgent\PatchManagement\Repository\Catalog\'.

If the two certificates aren't installed on the client; the scan will continue to fail.

Solution 1 – Group Policy


  • If they are not present: Install them each manually by double-click on the .cer, click Install Certificate > leave Automatically select... enabled > Next > Finish
  • Check the store outlined above and ensure they are present

Solution 2 – Manual Update

Manual installation as follows proves to be efficient on the clients via Start > Run > MMC.exe;

open Console Root > Certificates (Local Computer) and confirm if the certificates exist in the following locations