After downloading and attempting to install (certain updates), a warni

After downloading and attempting to install (certain updates), a warning says there is no authentic certificate for it and doesn’t recommend the install. Please advise.
- JR

This question was answered on January 7, 2002. Much of the information contained herein may have changed since posting.

The Internet has allowed us to quickly access and install updates for most popular programs Whether it is an anti-virus program, a word processor or even the all-important web browser, Internet-based updates are posted on the web with the intent to fix problems and improve performance

But, because there is a small faction of cyber-vandals out there that will hide malicious code inside of what looks like a harmless update, you want to know that the program comes from a known, reliable source before you download or install programs from the Internet

To this end, the Internet community created a method for ‘certifying’, through digital certificates, the contents of anything that you would potentially download from the Internet.

Microsoft’s browsers use ‘Authenticode technology’ while Netscape’s browsers employ ‘Object signing’ to verify that a download has a valid certificate, that the identity of the software publisher matches the certificate and that the certificate is still valid.

The publisher of any Internet download can go through the process of certifying the file through a security authority such as VeriSign (www.verisign.com), which will then assign a ‘digital certificate’ for the specific download

Not all files that are available for download will have these certificates so you may, on occasion, get a warning that tells you that no certificate exists for the file that you are attempting to download or install This does not mean the file is dangerous or should not be installed; it just means that a certificate does not exist for this specific file.

Whether you decide to install the file or not is based on whether you trust the author If you are downloading the file from a large known web site such as Microsoft.com or Netscape.com, you shouldn’t be too concerned, but if you are installing a file that claims to be from one of these sites, but in fact resides on a small unknown web site, you may want to be careful This is one of the ways that a devious programmer can hide malicious code in what appears to be a standard update or plug-in so always check to see where you are on the Internet (in the Address bar) before downloading and installing files

You can change how your browser handles certificates in the ‘Security’ section of your browser’s Internet Options or Preferences (it varies from version to version) In most cases, the default settings are adequate for most users, but you can increase or decrease the security levels if desired You can also tell your browser to ‘Always trust content from…’ by checking the box at the bottom of the warning screen, which will bypass the warning for future downloads from the same site.

Digital certificates don’t guarantee that a download is not poorly written or that it won’t cause any problems for your computer, they simply make it obvious that the author has taken the time to register the file with a recognized authority, so don’t put too much faith in them!