Data Acquisition (DAQ) and Control from Microstar Laboratories

Knowledge Base: Installation

Q10114 Invalid "already installed" message from Windows when upgrading DAPtools

Tags: Help, DAPtools, version 6.1, digital signatures, Windows XP, Windows Vista, upgrade

Applies to: DAPtools 6.1 or newer, Windows XP or Windows Vista

When installing DAPtools 6.10 (or newer) to upgrade the DAPcell software on my 64-bit Windows Vista machine, my Windows system complains that "a newer version of the driver is already installed..." and can't continue beyond that point. What can I do?

You must update your Windows system so that it can process 2048-bit digital signatures, and you must install an updated list of trusted root certificates in your Windows system.

Microsoft is starting to require all Windows driver software to have 2048-bit digital signatures. Conforming to that requirement, each DAPtools software release from version 6.10 onward will have a 2048-bit digital signature. As originally shipped, Windows XP and possibly early versions of Windows Vista do not know about the 2048-bit digital signatures, so some update patches might be required to add this feature. Once the Windows system can recognize the 2048-bit certificates, the list of trusted certification authorities must be updated. Without these updates, the 2048-bit certificates used by the DAPtools 6.1 and newer software installers will not be processed correctly — leading to the confusing error diagnosis. All Windows 7 and Windows 8 systems know about the 2048-bit signatures, and should never experience this problem.

Systems that have been online and updated regularly should never see this problem, because the required security patches should be installed already. The vulnerable systems are the ones that have been patched selectively, or that have been operating for an extended period of time without a direct connection to the Internet.

If you have a system administrator, your administrator can check your system to determine whether the "VeriSign Class 3 Public Primary Certification Authority - G5" is registered on your system. This is the certificate authority that the DAPtools installer uses. This certificate authority would not be listed on your system if your system lacks 2048-bit certificate capability.

If you don't have a system administrator, the following steps (based Windows 7) might be good enough for you to check this on your own.

  • From the main Start menu select Run.
  • In the command line text box type the command name mmc and press Enter.
  • In the menu of the mmc box, select Console | Add/Remove Snap-in.
  • Click Add...
  • In the dialog that follows, locate the item Certificates to select, then click the Add button to its right.
  • Another dialog pops up. Pick either My user or Computer (either of these options will work), then click the OK button in the dialog lower-right.
  • Click OK in the original console dialog.
  • A tree display will appear on the left. Expand the items Certificates and then Trusted Root Certificate Authorities.
  • After the last expansion, there should be an item called Certificates. Click it. The display on the right should list all of the registered certificate authorities. Look through the list for the required VeriSign certificate item.

On a 64-bit system that has the certificate problem, the only solution is to locate the particular security updates on the Microsoft Web site that install the most current certificate authority list. You can either do some searching to find and apply the required security patches[1], or you can apply all of the available security patches to bring your system up to current.

There are equivalent updates available for the older 32-bit systems. The best idea is again to find and apply the required system patches. However, if you are not successful with this, a less desirable solution is to run your existing DAPtools installer to completely uninstall (unregister) your existing DAPtools software, and then install the new DAPtools software version 6.1 or later on the clean system. When it fails to recognize the 2048-bit certificate, the 32-bit Windows system should give you an option to disregard this and install your new software regardless. Because of the obvious risks involved in bypassing the system security, upgrading the system is strongly recommended.

If the system patches fail to solve this problem, your only fall-back option is to not upgrade, but continue using the DAPtools 5 or DAPtools 4 software that you had previously. There is nothing wrong with that, as long as all of the features you need are present.


[1] A place to start looking for certificate updates is issue KB931125 on the Microsoft support site, but be careful that you apply the most recent updates for your system.