[Introduction] In enterprise environments with strict security policies—like the financial sector where I work—setting up a development environment can be more challenging than the coding itself.
Recently, while attempting to install Visual Studio 2022 on a secure, offline network, I encountered a frustrating “Infinite Installation Loop.” After days of debugging, I discovered that the issue wasn’t a corrupted file, but a missing certificate. Here is how I solved it to help other developers save their time.
[The Symptoms: The Infinite Bootstrapper Loop] When running the installer (Bootstrapper), the process would download the necessary files, attempt to verify them, and then immediately delete them, only to restart the download. This cycle repeated about 5-6 times before failing completely.
Checking the installation logs (dd_setup_...log), I found the following error:
[Exit code] 0x138c (5004)
[Error Log] Error 0x80096004: Certificate is invalid: vs_installer.opc
Upon inspecting the downloaded vs_installer.opc file properties, I noticed that the Digital Signature tab was either missing or the signer could not be verified.
[The Root Cause: Missing Intermediate Certificate] At first, I suspected a network firewall was corrupting the file. However, the real culprit was the Windows Certificate Trust Chain.
In a standard environment, Windows automatically updates root and intermediate certificates via Windows Update. However, in an air-gapped or closed network (offline) environment, the system often lacks the latest certificates required by Microsoft.
Because my machine was missing a specific Intermediate Certificate, Windows flagged the legitimate vs_installer.opc file as “unsigned” or “untrusted” and deleted it for security reasons.
[The Solution: Manually Install the ‘PCA 2024’ Certificate] The fix was simple once identified. I needed to manually install the specific intermediate certificate that signs the installer.
- Required Certificate:
Microsoft Windows Code Signing PCA 2024.crt
[Step-by-Step Guide]
- Download: On a machine with internet access, search for and download the
Microsoft Windows Code Signing PCA 2024certificate (or export it from a fully updated Windows machine). - Transfer: Move the
.crtfile to your offline target machine. - Install: Double-click the file and click [Install Certificate].
- Select Store: Choose ‘Place all certificates in the following store’.
- Browse: Select ‘Intermediate Certification Authorities’ (Important: Do not select Root CA).
- Finish: Complete the wizard.
[Conclusion] After installing the certificate, I re-ran the Visual Studio Bootstrapper, and it proceeded to the installation screen immediately without any loops.
If you are working in a high-security environment and facing the 0x80096004 error, check your certificates before blaming the firewall. Usually, it’s just Windows trying to protect you a little too aggressively.
Happy Coding!
#VisualStudio2022 #OfflineInstall #Error0x80096004 #CertificateError #AirGapped #Troubleshooting