WM6.1, certificate by cab files


Andyt8
30th May 2008, 12:34 PM
Hello,

Yesterday I got my repaired HTC TyTN II mobile phone back (not branded). Now I found WM6.1 on it. Because of the hard reset I need to do a new cab file installation of some needed programs.

So far I have been able to install some bought software and also to add our Exchange 2007 Server (self-made certificate by our Active Directory Certificate Authority).

Some other bought software and of course all freeware cab files can't be installed. I always get the error message: "Die Installation ist fehlgeschlagen. Das Programm oder die Einstellung konnte nicht installiert werden, da es/sie nicht digital mit einem vertrauenswürdigen Sicherheitszertifikat signiert ist."

Sorry for the German error message. It means that the cab file has no digital certificate or a digital certificate from a non-trustworthy CA. It isn't possible to accept this message and install the software, as was possible with WM6.0.

I read in the forum and of course a lot of other help websites on the web about certificates. Also how to put a new certificate on cab files.

So I got a personal code signature from our CA and gave those files a new digital certificate, but that didn't work. I get the same message - the cab files have a good certificate (file property under Windows Vista shows that). Our root certificate is installed on the mobile phone => Exchange Sync works.

What can I do so that I'm able to install all cab files? Why is my own certification not trustworthy? The root certificate is correctly installed on the device => Exchange Sync works.

Hopefully someone is able to help me.

Dr. Strangelove
30th May 2008, 05:02 PM
Forgive me if I'm wrong, but I think 2 things got mixed up here.

Windows Mobile requires CABs to be digitally signed by the makers of the program in order to install it. If it hasn't been done, WM will ask you if you would still like to install it, even if it's not digitally signed.

Exchange requires the Root certificate from the Exchange server to be installed via CAB to ensure a secure connection, identity check,... No certificate, no Exchange.

=> regular CAB installations: I remember someone asking the same question some time ago, but I can't find his post. I attached a screenshot of the bubble I get. Is yours the same (ignoring the language differences)? Or are you getting another type of notification bubble or popup? Really no continue anyway option (that would really s*ck...)
Try disabling it by using Kaisertweak (http://forum.xda-developers.com/showthread.php?t=333898). Check under 'security' and look there for disabling the warning. Soft reset after disabling it.

=> Exchange: As I said, it needs the server's Root cert to install. But I guess there were no problems here...

Good luck

Andyt8
30th May 2008, 05:51 PM
@Dr. Strangelove: Thank you for your answer.

Forgive me if I'm wrong, but I think 2 things got mixed up here.

No, not really. I tried to authorize the files that have no certification. The root certificate of the used code signature is the same which is used for the Exchange Server synchronisation.

The root certificate was installed directly with a *.cer file (no CAB File).


=> regular CAB installations: I remember someone asking the same question some time ago, but I can't find his post. I attached a screenshot of the bubble I get. Is yours the same (ignoring the language differences)? Or are you getting another type of notification bubble or popup? Really no continue anyway option (that would really s*ck...)

That was the message I found with WM6.0. Now I get a different message. If the CAB file has a wrong or no digital certificate, then no installation...
...really no continue option.


I think I already tried Kaisertweak. There was a similar message. I'm not able to run it. I am not certain, therefore I will try it again.

However, I don't want to deactivate the warning. I only want to install or run even if there is a warning.

Ok, I tried it again. The same error message: "Die Datei 'KaiserTweak' kann nicht geöffnet werden. Sie ist nicht mit einem vertrauenswürdigen Sicherheitszertifikat signiert."
In English it means that the KaiserTweak.exe file has no certificate and it isn't possible to run it.

Optionally, it should be possible to authorize the file with my own certificate and install that. Then there should be no reason to change the new WM6.1 feature....

shogunmark
30th May 2008, 06:00 PM
What can I do so that I'm able to install all cab files? Why is my own certification not trustworthy? The root certificate is correctly installed on the device => Exchange Sync works.


Get with your Exchange server admin, they have your security policy locked down on your device. When you sync with the server it pulls your user rights from the server; if you don't have the correct permissions then it will limit your ability to do certain things on your device.

Andyt8
31st May 2008, 01:32 PM
Get with your Exchange server admin, they have your security policy locked down on your device. When you sync with the server it pulls your user rights from the server; if you don't have the correct permissions then it will limit your ability to do certain things on your device.

Thank you for your answer. :) I forgot that Exchange 2007 SP1 has more security policies for WM6.1.

Now I'm able to run all kinds of installations.
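
Added example, not part of the original thread: an Exchange Management Shell audit for the server admin that lists each ActiveSync mailbox policy with the Exchange 2007 SP1 settings governing unsigned applications and unsigned CAB packages, plus how many mailboxes are explicitly assigned to it. It assumes these two settings were the ones restricting the device here; the thread does not say which policy setting was changed.

```powershell
# Run in the Exchange Management Shell on an Exchange 2007 SP1 server.
# Read-only: reports policy settings, changes nothing.

# All mailboxes with their explicit ActiveSync policy assignment (if any).
$mailboxes = @(Get-CASMailbox -ResultSize Unlimited)

Get-ActiveSyncMailboxPolicy | ForEach-Object {
    $policy = $_

    # Mailboxes explicitly bound to this policy.
    $users = @($mailboxes | Where-Object {
        $_.ActiveSyncMailboxPolicy -and
        $_.ActiveSyncMailboxPolicy.Name -eq $policy.Name
    })

    $policy | Select-Object Name, IsDefaultPolicy,
        AllowUnsignedApplications,
        AllowUnsignedInstallationPackages,
        @{ Name = 'AssignedMailboxes'; Expression = { $users.Count } },
        # True when devices under this policy refuse unsigned CAB installs.
        @{ Name = 'BlocksUnsignedCab'
           Expression = { -not $_.AllowUnsignedInstallationPackages } }
} | Format-Table -AutoSize

# Mailboxes without an explicit policy assignment, for completeness.
$mailboxes |
    Where-Object { -not $_.ActiveSyncMailboxPolicy } |
    Select-Object Name |
    Format-Table -AutoSize
```

A policy that blocks unsigned packages for most users can stay in place; a separate policy assigned only to the devices that need sideloaded software keeps the exception narrow.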