I'm wondering if any of you know how Windows determines if an activeX is signed by a trust worthy certificate or not. This is an annoying work related question I haven't been able to figure out. We have a website that installs two different CAB files onto client machines, on the client machine we add our site to trusted site zone and enable download Signed ActiveX, this has worked on 99.99% of clients until this week. One client for whatever reason is blocking this file. To make sure the website developers hadn't changed anything I retested and Windows XP and 7 installs them fine as if they are signed internally and on the external site.
I'm wondering if there is some Windows XP setting that would block windows from knowing if a CAB is signed/trusted that anyone has run into? Everything on the internet I have found basically says temporarily allow your security to install an unsigned activex control ... it is signed so I don't want this to be the perm solution.
-Confused.