ProjectWise - Error Message: The assembly [varies] is not trusted due to SubjectCertExpired

Summary:

You may encounter errors when using I-Model Composition Server (ICS) Administrator after June 10, 2021.

Background: As a part of a continuing program to improve the security and integrity of Bentley software and services, over the last several releases, the ICS product added several security validation checks on program modules (.DLL files) that are loaded into memory. Some of these validation checks were more stringent than intended. As a result, some legitimate and safe DLLs included with the product began to be rejected after June 10, 2021.

The following provides the solution based on the Version of ICS you are running.

Problem:

iCS for PDF 10.0.3.299

Resolution:

No resolution required. We do not know of any issues with this software version.

Problem:

PW Admin 10.0.3.434
PW Administrator 10.0.3.434 is being used to administer an ICS for PDF server operated by Bentley managed services.
You see error messages in Orchestration Framework log file or OF Admin stating "The assembly [varies] is not trusted due to SubjectCertExpired".

Resolution:

As an alternative, you can use PW Admin 10.0.3.299.
If the registry key HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bentley\Orchestration Framework\Server exists on your computer, please add the following value:

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bentley\Orchestration Framework\Server],

"IgnoreCertExpiration"=dword:00000001

If the registry key HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bentley\Orchestration Framework\Administrator exists on your computer, please add the following value:

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bentley\Orchestration Framework\Administrator]

"IgnoreCertExpiration"=dword:00000001

Problem:

You are using version of ICS for PDF 10.0.3.280 or older, and,
You see errors in the Orchestration Framework log file or OF Admin interface like the ones below.
- “File c:\users\administrator\appdata\local\bentley\orchestrationframework\aerendsvc10; of\extension\x86\rendsvcpwrefmirror.dll' is not signed by Bentley” or,
- “Certificate chain for 'c:\users\administrator\appdata\local\bentley\orchestrationframework\aerendsvc10; of\extension\x86\rendsvcpwrefmirror.dll' is not valid. The certificate may be self-signed.”

Or, you may see the message “service is not running" while in OF Admin.

Resolution:

If the registry key HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bentley\Orchestration Framework\Server exists on your computer, please add the following value:

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bentley\Orchestration Framework\Server],

"ValidateCertificateChains"=dword:00000000

If the registry key HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bentley\Orchestration Framework\Administrator exists on your computer, please add the following value:

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bentley\Orchestration Framework\Administrator]

“ValidateCertificateChains"=dword:00000000