Signature check failed on all computers.



All of computers in policy manager console reports “signature check failed (…) policy.bpf did not pass signature verification. The file may have been manually modified. If the problem persists, please contact the system administrator.”

Is there a chance to renew admin and hosts keys, to resolve this problem?


I reinstall one of the hosts with with it's own policy (export and import policy) but, after I did that it do not block  USB devices. It unblock all devices. Is there a chance to import device control settings somehow?

Best Answer

  • VadVad Posts: 1,050 F-Secure Employee
    Accepted Answer

    Hello Infomagik,


    To fix the clients you will need to export key from your Policy Manager Console (Tools > Server configuration > Keys), replace it on all clients in F-Secure installation folder ...\F-Secure\common\, and restart fsma service.

    You can do it with the help of some scripts, or use our tool, which creates a hotfix for replacing. But as your policy manager is not communicating with clients properly, you will most likely need to install it locally on every client.

    If you want to use the tool, please contact support for instructions.


    Best regards,




  • MJ-perCompMJ-perComp Posts: 1,098 Superuser

    Did you do a new installation of PM or why did the keys change??
    Do you have a copy of the old H2DB?


  • Previous IT technican left me this problem, so i don't know.

    Probably he reinstall Policy mangager or upgrade it.

    Control Panel shows that it was installed on january 2016 version 12.00 build 67239.


    There is no copy of H2DB.

  • Hello,


    You're awesome. After replacing it works like a charm and hosts have latest policy.



This discussion has been closed.