Notices: This section not yet converted to new layout. Download stats are rolling back out.

Securepoint SSL VPN Client


Package test results are passing.

This package was approved as a trusted package on 6/2/2019.

This repository contains the sources of the package Securepoint SSL VPN for Chocolatey, the package manager for Windows.

For more information, please refer to the instructions available in the parent repository.

To install Securepoint SSL VPN Client, run the following command from the command line or from PowerShell:

C:\> choco install securepointsslvpn

To upgrade Securepoint SSL VPN Client, run the following command from the command line or from PowerShell:

C:\> choco upgrade securepointsslvpn


  • legal\LICENSE.txt Show
    		       Version 2, June 1991
     Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
     Everyone is permitted to copy and distribute verbatim copies
     of this license document, but changing it is not allowed.
      The licenses for most software are designed to take away your
    freedom to share and change it.  By contrast, the GNU General Public
    License is intended to guarantee your freedom to share and change free
    software--to make sure the software is free for all its users.  This
    General Public License applies to most of the Free Software
    Foundation's software and to any other program whose authors commit to
    using it.  (Some other Free Software Foundation software is covered by
    the GNU Lesser General Public License instead.)  You can apply it to
    your programs, too.
      When we speak of free software, we are referring to freedom, not
    price.  Our General Public Licenses are designed to make sure that you
    have the freedom to distribute copies of free software (and charge for
    this service if you wish), that you receive source code or can get it
    if you want it, that you can change the software or use pieces of it
    in new free programs; and that you know you can do these things.
      To protect your rights, we need to make restrictions that forbid
    anyone to deny you these rights or to ask you to surrender the rights.
    These restrictions translate to certain responsibilities for you if you
    distribute copies of the software, or if you modify it.
      For example, if you distribute copies of such a program, whether
    gratis or for a fee, you must give the recipients all the rights that
    you have.  You must make sure that they, too, receive or can get the
    source code.  And you must show them these terms so they know their
      We protect your rights with two steps: (1) copyright the software, and
    (2) offer you this license which gives you legal permission to copy,
    distribute and/or modify the software.
      Also, for each author's protection and ours, we want to make certain
    that everyone understands that there is no warranty for this free
    software.  If the software is modified by someone else and passed on, we
    want its recipients to know that what they have is not the original, so
    that any problems introduced by others will not reflect on the original
    authors' reputations.
      Finally, any free program is threatened constantly by software
    patents.  We wish to avoid the danger that redistributors of a free
    program will individually obtain patent licenses, in effect making the
    program proprietary.  To prevent this, we have made it clear that any
    patent must be licensed for everyone's free use or not licensed at all.
      The precise terms and conditions for copying, distribution and
    modification follow.
      0. This License applies to any program or other work which contains
    a notice placed by the copyright holder saying it may be distributed
    under the terms of this General Public License.  The "Program", below,
    refers to any such program or work, and a "work based on the Program"
    means either the Program or any derivative work under copyright law:
    that is to say, a work containing the Program or a portion of it,
    either verbatim or with modifications and/or translated into another
    language.  (Hereinafter, translation is included without limitation in
    the term "modification".)  Each licensee is addressed as "you".
    Activities other than copying, distribution and modification are not
    covered by this License; they are outside its scope.  The act of
    running the Program is not restricted, and the output from the Program
    is covered only if its contents constitute a work based on the
    Program (independent of having been made by running the Program).
    Whether that is true depends on what the Program does.
      1. You may copy and distribute verbatim copies of the Program's
    source code as you receive it, in any medium, provided that you
    conspicuously and appropriately publish on each copy an appropriate
    copyright notice and disclaimer of warranty; keep intact all the
    notices that refer to this License and to the absence of any warranty;
    and give any other recipients of the Program a copy of this License
    along with the Program.
    You may charge a fee for the physical act of transferring a copy, and
    you may at your option offer warranty protection in exchange for a fee.
      2. You may modify your copy or copies of the Program or any portion
    of it, thus forming a work based on the Program, and copy and
    distribute such modifications or work under the terms of Section 1
    above, provided that you also meet all of these conditions:
        a) You must cause the modified files to carry prominent notices
        stating that you changed the files and the date of any change.
        b) You must cause any work that you distribute or publish, that in
        whole or in part contains or is derived from the Program or any
        part thereof, to be licensed as a whole at no charge to all third
        parties under the terms of this License.
        c) If the modified program normally reads commands interactively
        when run, you must cause it, when started running for such
        interactive use in the most ordinary way, to print or display an
        announcement including an appropriate copyright notice and a
        notice that there is no warranty (or else, saying that you provide
        a warranty) and that users may redistribute the program under
        these conditions, and telling the user how to view a copy of this
        License.  (Exception: if the Program itself is interactive but
        does not normally print such an announcement, your work based on
        the Program is not required to print an announcement.)
    These requirements apply to the modified work as a whole.  If
    identifiable sections of that work are not derived from the Program,
    and can be reasonably considered independent and separate works in
    themselves, then this License, and its terms, do not apply to those
    sections when you distribute them as separate works.  But when you
    distribute the same sections as part of a whole which is a work based
    on the Program, the distribution of the whole must be on the terms of
    this License, whose permissions for other licensees extend to the
    entire whole, and thus to each and every part regardless of who wrote it.
    Thus, it is not the intent of this section to claim rights or contest
    your rights to work written entirely by you; rather, the intent is to
    exercise the right to control the distribution of derivative or
    collective works based on the Program.
    In addition, mere aggregation of another work not based on the Program
    with the Program (or with a work based on the Program) on a volume of
    a storage or distribution medium does not bring the other work under
    the scope of this License.
      3. You may copy and distribute the Program (or a work based on it,
    under Section 2) in object code or executable form under the terms of
    Sections 1 and 2 above provided that you also do one of the following:
        a) Accompany it with the complete corresponding machine-readable
        source code, which must be distributed under the terms of Sections
        1 and 2 above on a medium customarily used for software interchange; or,
        b) Accompany it with a written offer, valid for at least three
        years, to give any third party, for a charge no more than your
        cost of physically performing source distribution, a complete
        machine-readable copy of the corresponding source code, to be
        distributed under the terms of Sections 1 and 2 above on a medium
        customarily used for software interchange; or,
        c) Accompany it with the information you received as to the offer
        to distribute corresponding source code.  (This alternative is
        allowed only for noncommercial distribution and only if you
        received the program in object code or executable form with such
        an offer, in accord with Subsection b above.)
    The source code for a work means the preferred form of the work for
    making modifications to it.  For an executable work, complete source
    code means all the source code for all modules it contains, plus any
    associated interface definition files, plus the scripts used to
    control compilation and installation of the executable.  However, as a
    special exception, the source code distributed need not include
    anything that is normally distributed (in either source or binary
    form) with the major components (compiler, kernel, and so on) of the
    operating system on which the executable runs, unless that component
    itself accompanies the executable.
    If distribution of executable or object code is made by offering
    access to copy from a designated place, then offering equivalent
    access to copy the source code from the same place counts as
    distribution of the source code, even though third parties are not
    compelled to copy the source along with the object code.
      4. You may not copy, modify, sublicense, or distribute the Program
    except as expressly provided under this License.  Any attempt
    otherwise to copy, modify, sublicense or distribute the Program is
    void, and will automatically terminate your rights under this License.
    However, parties who have received copies, or rights, from you under
    this License will not have their licenses terminated so long as such
    parties remain in full compliance.
      5. You are not required to accept this License, since you have not
    signed it.  However, nothing else grants you permission to modify or
    distribute the Program or its derivative works.  These actions are
    prohibited by law if you do not accept this License.  Therefore, by
    modifying or distributing the Program (or any work based on the
    Program), you indicate your acceptance of this License to do so, and
    all its terms and conditions for copying, distributing or modifying
    the Program or works based on it.
      6. Each time you redistribute the Program (or any work based on the
    Program), the recipient automatically receives a license from the
    original licensor to copy, distribute or modify the Program subject to
    these terms and conditions.  You may not impose any further
    restrictions on the recipients' exercise of the rights granted herein.
    You are not responsible for enforcing compliance by third parties to
    this License.
      7. If, as a consequence of a court judgment or allegation of patent
    infringement or for any other reason (not limited to patent issues),
    conditions are imposed on you (whether by court order, agreement or
    otherwise) that contradict the conditions of this License, they do not
    excuse you from the conditions of this License.  If you cannot
    distribute so as to satisfy simultaneously your obligations under this
    License and any other pertinent obligations, then as a consequence you
    may not distribute the Program at all.  For example, if a patent
    license would not permit royalty-free redistribution of the Program by
    all those who receive copies directly or indirectly through you, then
    the only way you could satisfy both it and this License would be to
    refrain entirely from distribution of the Program.
    If any portion of this section is held invalid or unenforceable under
    any particular circumstance, the balance of the section is intended to
    apply and the section as a whole is intended to apply in other
    It is not the purpose of this section to induce you to infringe any
    patents or other property right claims or to contest validity of any
    such claims; this section has the sole purpose of protecting the
    integrity of the free software distribution system, which is
    implemented by public license practices.  Many people have made
    generous contributions to the wide range of software distributed
    through that system in reliance on consistent application of that
    system; it is up to the author/donor to decide if he or she is willing
    to distribute software through any other system and a licensee cannot
    impose that choice.
    This section is intended to make thoroughly clear what is believed to
    be a consequence of the rest of this License.
      8. If the distribution and/or use of the Program is restricted in
    certain countries either by patents or by copyrighted interfaces, the
    original copyright holder who places the Program under this License
    may add an explicit geographical distribution limitation excluding
    those countries, so that distribution is permitted only in or among
    countries not thus excluded.  In such case, this License incorporates
    the limitation as if written in the body of this License.
      9. The Free Software Foundation may publish revised and/or new versions
    of the General Public License from time to time.  Such new versions will
    be similar in spirit to the present version, but may differ in detail to
    address new problems or concerns.
    Each version is given a distinguishing version number.  If the Program
    specifies a version number of this License which applies to it and "any
    later version", you have the option of following the terms and conditions
    either of that version or of any later version published by the Free
    Software Foundation.  If the Program does not specify a version number of
    this License, you may choose any version ever published by the Free Software
      10. If you wish to incorporate parts of the Program into other free
    programs whose distribution conditions are different, write to the author
    to ask for permission.  For software which is copyrighted by the Free
    Software Foundation, write to the Free Software Foundation; we sometimes
    make exceptions for this.  Our decision will be guided by the two goals
    of preserving the free status of all derivatives of our free software and
    of promoting the sharing and reuse of software generally.
    			    NO WARRANTY
    	    How to Apply These Terms to Your New Programs
      If you develop a new program, and you want it to be of the greatest
    possible use to the public, the best way to achieve this is to make it
    free software which everyone can redistribute and change under these terms.
      To do so, attach the following notices to the program.  It is safest
    to attach them to the start of each source file to most effectively
    convey the exclusion of warranty; and each file should have at least
    the "copyright" line and a pointer to where the full notice is found.
        <one line to give the program's name and a brief idea of what it does.>
        Copyright (C) <year>  <name of author>
        This program is free software; you can redistribute it and/or modify
        it under the terms of the GNU General Public License as published by
        the Free Software Foundation; either version 2 of the License, or
        (at your option) any later version.
        This program is distributed in the hope that it will be useful,
        but WITHOUT ANY WARRANTY; without even the implied warranty of
        GNU General Public License for more details.
        You should have received a copy of the GNU General Public License along
        with this program; if not, write to the Free Software Foundation, Inc.,
        51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
    Also add information on how to contact you by electronic and paper mail.
    If the program is interactive, make it output a short notice like this
    when it starts in an interactive mode:
        Gnomovision version 69, Copyright (C) year name of author
        Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
        This is free software, and you are welcome to redistribute it
        under certain conditions; type `show c' for details.
    The hypothetical commands `show w' and `show c' should show the appropriate
    parts of the General Public License.  Of course, the commands you use may
    be called something other than `show w' and `show c'; they could even be
    mouse-clicks or menu items--whatever suits your program.
    You should also get your employer (if you work as a programmer) or your
    school, if any, to sign a "copyright disclaimer" for the program, if
    necessary.  Here is a sample; alter the names:
      Yoyodyne, Inc., hereby disclaims all copyright interest in the program
      `Gnomovision' (which makes passes at compilers) written by James Hacker.
      <signature of Ty Coon>, 1 April 1989
      Ty Coon, President of Vice
    This General Public License does not permit incorporating your program into
    proprietary programs.  If your program is a subroutine library, you may
    consider it more useful to permit linking proprietary applications with the
    library.  If this is what you want to do, use the GNU Lesser General
    Public License instead of this License.
  • legal\VERIFICATION.txt Show
    Verification is intended to assist the Chocolatey moderators and community
    in verifying that this package's contents are trustworthy.
    The installer have been downloaded from the Github release page <>
    and can be verified like this:
    1.  Download the following installers:
        32-Bit: <>
    2.  You can use one of the following methods to obtain the checksum
        - Use powershell function 'Get-Filehash'
        - Use chocolatey utility 'checksum.exe'
        checksum type: SHA512
        checksum32: 16E0CE19E470A227EFDA381CA270AC097CD5714C49AEF6CF185ECF3633FFEB13E9C21A24155DC876DA34A9E7A63344897849786E649558FA7DFFE083E6D1F65C
    File 'LICENSE.txt' is obtained from <>
  • tools\.skipAutoUninstall
  • tools\chocolateyInstall.ps1 Show
    $packageName = 'securepointsslvpn'
    $toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
    $package = "$toolsDir\openvpn-client-installer-2.0.25.exe"
    $checksum = '16E0CE19E470A227EFDA381CA270AC097CD5714C49AEF6CF185ECF3633FFEB13E9C21A24155DC876DA34A9E7A63344897849786E649558FA7DFFE083E6D1F65C'
    # Load custom functions
    . "$toolsDir\utils\utils.ps1"
    # The installer is bundled with an msi file, with certificates and with C++
    # runtimes. We can't get the msi file directly. We have to run the
    # installer executable first, then select the language and click OK.
    # Just after, the .msi is unpacked to the %temp% directory under the
    # following filename: SecurepointSSLVPN.msi
    # The msi file provides several controls to customize the installation.
    # After the msi file is unpacked. The installer immediately runs cmd which
    # runs the msiexec which itself runs the .msi file.
    # When this is the first installation, the user can customize the installation
    # with the controls mentionned above. However, when the msi file has been
    # already installed, the msi installation does not provide any way to control
    # the install process anymore. The installation is run again automatically
    # without anyway to control the process.
    # Our initial purpose was to recover the msi file and execute it silently.
    # First, we needed to kill the initial msi file. When the msi returns, the
    # cmd and the installer processes quit immediately.
    # However, when the msi file has already been installed, this causes several
    # issues:
    # - First, we cannot kill the msi file properly.
    # - Second, reinstalling the msi when it has a filename different than the
    #   msi product name, we are running into a 1316 error. "The product code
    #   must be changed if any of the following are true for the update: [...]
    #   The name of the .msi file has been changed."
    #   We thus need to keep the filename securepointsslvpn.msi (not case
    #   sensitive). src.:
    # This is why we will first remove the previous installation to avoid issues.
    # But first we need to receover the services state.
    Write-Host "Getting the state of the current Securepoint VPN service (if any)..."
    # Needed to reset the state of the service if upgrading from a previous version
    try {
      $previousService = GetServiceProperties "Securepoint VPN"
    } catch {
      Write-Host "No previous Securepoint VPN service detected."
    Write-Host "Removing the previous installation to avoid issues..."
    . "$toolsDir\chocolateyUninstall.ps1"
    # To select the language in the installer, we need to use AutoIT scripts.
    # Use AU3Info.exe to get Win32 control names. src.:
    # If installed with chocolatey (autoit.commandline), AutoIT is installed as
    # a Chocolatey dependency at:
    # C:\ProgramData\Chocolatey\lib\autoit.commandline\tools\install
    # In order to get the documentation of the AutoIt PowerShell cmdlets, we need
    # to import the module with Import-Module.
    # Import-Module C:\ProgramData\chocolatey\lib\autoit.commandline\tools\install\AutoItX\AutoItX.psd1
    # The imported modules are only valid for the current script session.
    Import-Module "$toolsDir\..\..\autoit.commandline\tools\install\AutoItX\AutoItX.psd1"
    if (!(Get-Command 'Invoke-AU3Run' -ErrorAction SilentlyContinue)) {
      throw "The AutoItX PowerShell module was not imported properly."
    Get-ChecksumValid `
      -File "$package" `
      -Checksum "$checksum" `
      -ChecksumType 'sha512'
    Write-Host "Trying to recover the MSI file..."
    # Invoke-AU3Run returns an Int32 corresponding to the PID of the process
    [Int32]$installerPid = Invoke-AU3Run -Program "$package"
    Wait-AU3Win -Title "SSLVPN Installer" | Out-Null
    $winHandle = Get-AU3WinHandle -Title "SSLVPN Installer"
    # Get the focus on the window
    Show-AU3WinActivate -WinHandle $winHandle | Out-Null
    # Even if we could override the language using the parameters to the msi file,
    # we needed to detect text in the msi file run just after (we want English).
    $controlHandle = Get-AU3ControlHandle -WinHandle $winHandle -Control Button3
    Invoke-AU3ControlClick -WinHandle $winHandle -ControlHandle $controlHandle | Out-Null
    # Press Enter as the OK button has the focus. 
    Send-AU3Key -Key "{ENTER}" | Out-Null
    Write-Host "Waiting for the MSI installer to launch..."
    Wait-AU3Win -Title "Securepoint SSL VPN Setup" | Out-Null
    Write-Host "Copying the MSI installer..."
    # Do not use the environment variable, as the latter might get redefined (which
    # happens in AppVeyor for example) and some installers might use the default
    # TEMP location instead.
    $msiTempFile = Join-Path `
      $([System.IO.Path]::GetTempPath()) `
    $msiPermanentFile = Join-Path `
      $(CreateTempDirPackageVersion) `
    # Copy it to C:\Users\<user>\AppData\Local\Temp\chocolatey\securepointsslvpn\<version>
    # Prevent to continue if the copy fails. By default every command relies on
    # the $ErrorActionPreference. By default the latter is set on Continue (tested).
    Copy-Item -Path "$msiTempFile" -Destination "$msiPermanentFile" -ErrorAction Stop
    Write-Host "Killing the non silent MSI installer..."
    [array]$childPid = GetChildPid -id $installerPid
    Write-Debug "installer PID: $installerPid"
    if ($childPid.Count -eq 0) {
      throw "Unable to find the pid of the cmd executable run by the installer."
    Write-Debug "cmd PID: $($childPid[0].ProcessId)"
    [array]$childPid = GetChildPid -id $childPid[0].ProcessId
    if ($childPid.Count -eq 0) {
      throw "Unable to find the pid of the msiexec executable run by the cmd process."
    # cmd has several childs PID. The PID of msiexec is usually the second one.
    # Just to be sure, we are gonna kill all cmd childs.
    $cmdChilds = $($childPid.Count)
    Write-Debug "cmd childs number: $cmdChilds"
    for ($i = 0; $i -lt $cmdChilds; $i++) {
      Write-Debug "Killing PID: $($childPid[$i].ProcessId)"
      Stop-Process -Id $childPid[$i].ProcessId -Force
    Write-Host "Installing silently the recovered MSI installer..."
    $packageArgs = @{
      packageName   = $packageName
      fileType    = 'msi'
      file      = $msiPermanentFile
      silentArgs  = "TRANSFORMS=`":en-us.mst`" /qn /norestart /l*v `"$($env:TEMP)\$($packageName).$($env:chocolateyPackageVersion).MsiInstall.log`"" # ALLUSERS=1 DISABLEDESKTOPSHORTCUT=1 ADDDESKTOPICON=0 ADDSTARTMENU=0
      validExitCodes= @(0, 3010, 1641)
      softwareName  = $packageName
    Install-ChocolateyInstallPackage @packageArgs
    if ($previousService) {
      Write-Host "Resetting previous Securepoint VPN service to " `
        "'$($previousService.status)' and " `
      SetServiceProperties `
        -name "Securepoint VPN" `
        -status "$($previousService.status)" `
        -startupType "$($previousService.startupType)"
  • tools\chocolateyUninstall.ps1 Show
    $packageName = 'securepointsslvpn'
    $softwareName = 'Securepoint*SSL*VPN*'
    $installerType = 'msi'  
    $silentArgs = '/qn /norestart'
    $validExitCodes = @(0, 3010, 1605, 1614, 1641)
    [array]$key = Get-UninstallRegistryKey -SoftwareName $softwareName
    if ($key.Count -eq 1) {
      $silentArgs = "$($key.PSChildName) $silentArgs"
      $file = ''
      Uninstall-ChocolateyPackage `
        -PackageName $packageName `
        -FileType $installerType `
        -SilentArgs "$silentArgs" `
        -ValidExitCodes $validExitCodes `
        -File "$file" | Out-Null
    } elseif ($key.Count -eq 0) {
      Write-Warning "$packageName has already been uninstalled by other means."
    } elseif ($key.Count -gt 1) {
      Write-Warning "$key.Count matches found!"
      Write-Warning "To prevent accidental data loss, no programs will be uninstalled."
      Write-Warning "Please alert package maintainer the following keys were matched:"
      $key | % {Write-Warning "- $_.DisplayName"}
  • tools\openvpn-client-installer-2.0.25.exe Show
    md5: 62131AF523A546485411996EC766E991 | sha1: B6FA3D6317A98DCC5D8FBEF2ACA39252E293356B | sha256: C309F4F061133311E5352F3DC5A4D5A2821492CD4335FA97F9A2E1F2EB2A5759 | sha512: 16E0CE19E470A227EFDA381CA270AC097CD5714C49AEF6CF185ECF3633FFEB13E9C21A24155DC876DA34A9E7A63344897849786E649558FA7DFFE083E6D1F65C
  • tools\utils\utils.ps1 Show
    function CreateTempDirPackageVersion {
    Create a temporary folder in current user temporary location. The folder name
    has the name of the package name and version (if any).
    The location to the created directory
    This function is based on part of the code of the command
        $chocTempDir = $env:TEMP
        $tempDir = Join-Path $chocTempDir "$($env:chocolateyPackageName)"
        if ($env:chocolateyPackageVersion -ne $null) {
            $tempDir = Join-Path $tempDir "$($env:chocolateyPackageVersion)"
        $tempDir = $tempDir -replace '\\chocolatey\\chocolatey\\', '\chocolatey\'
        if (![System.IO.Directory]::Exists($tempDir)) {
            [System.IO.Directory]::CreateDirectory($tempDir) | Out-Null
        return $tempDir
    function PrintWhenVerbose {
    Display the string passed as argument if chocolatey has been run in debug or
    verbose mode. The string argument is cut automatically and each line is
    prefixed by the "VERBOSE: " statement thanks to the call of Write-Verbose
    .PARAMETER string
    The string to display in verbose mode
        param (
        # Display the output of the executables if chocolatey is run either in debug
        # or in verbose mode.
        if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
            $env:ChocolateyEnvironmentVerbose -eq 'true') {
            $stringReader = New-Object System.IO.StringReader("$string")
            while (($line = $stringReader.ReadLine()) -ne $null) {
               Write-Verbose "$line"
    function GetServiceProperties {
    Get service properties
    An object made of the following fields:
    - name (string)
    - status (string)
    - startupType (string)
    - delayedStart (bool)
        param (
        # Lets return our own object.
        # src.:
        $properties = "" | Select-Object -Property name,status,startupType,delayedStart
        # Get-Service is not throwing an exception when the service name
        # contains * (asterisks) and the service is not found. Prevent that.
        if ($name -cmatch "\*") {
            Write-Warning "Asterisks have been discarded from the service name '$name'"
            $name = $name -Replace "\*",""
        # The Get-Service Cmdlet returns a System.ServiceProcess.ServiceController
        # Get-Service throws an exception when the exact case insensitive service
        # is not found. Therefore, there is no need to make any further checks.
        $service = Get-Service "$name" -ErrorAction Stop
        # Correct to the exact service name
        if ($name -cnotmatch $service.Name) {
            Write-Debug "The service name '$name' has been corrected to '$($service.Name)'"
        $ = $service.Name
        # Get the service status. The Status property returns an enumeration
        # ServiceControllerStatus src.:
        # This cannot be tested directly from CLI as the .NET assembly is not
        # loaded, we get an exception
        [array]$statusAvailable = [enum]::GetValues([System.ServiceProcess.ServiceControllerStatus])
        if ($statusAvailable -notcontains "$($service.Status)") {
            $errorString = "The status '$service.status' must be '"
            $errorString += $statusAvailable -join "', '"
            $errorString += "'"
            throw "$errorString"
        $properties.status = $service.Status
        # The property StartType of the class System.ServiceProcess.ServiceController
        # might not available in the .NET Framework when used with PowerShell 2.0
        # (cf. This property has been made available since
        # .NET 4.6.1 (src.:
        # Since we cannot rely on this property, we need to find another solution.
        # While WMI is widely available and working, let's parse the registry;
        # later we will need an info exclusively storred in it.
        # To list all the properties of an object:
        # $services[0] | Get-ItemProperty
        $service = Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\$name
        if (!$service) {
            throw "The service '$name' was not found using the registry"
        # The values are the ones defined in
        # [enum]::GetValues([System.ServiceProcess.ServiceStartMode])
        switch ($service.Start) {
            2 { $properties.startupType = "Automatic" }
            3 { $properties.startupType = "Manual" }
            4 { $properties.startupType = "Disabled" }
            default { throw "The startup type is invalid" }
        # If the delayed flag is not set, there is no record DelayedAutoStart to the
        # object.
        if ($service.DelayedAutoStart) {
            $properties.delayedStart = $true
        } else {
            $properties.delayedStart = $false
        return $properties
    function SetServiceProperties {
    Set service properties supporting delayed services
    .PARAMETER name
    The service name
    .PARAMETER status
    One of the following service status:
    - 'Stopped'
    - 'StartPending'
    - 'StopPending'
    - 'Running'
    - 'ContinuePending'
    - 'PausePending'
    - 'Paused'
    .PARAMETER startupType
    One of the following service startup type:
    - 'Automatic (Delayed Start)'
    - 'Automatic'
    - 'Manual'
    - 'Disabled'
        param (
            # By default parameter are positional, this means the parameter name
            # can be omitted, but needs to repect the order in which the arguments
            # are declared, except if the PositionalBinding is set to false.
            # src.:
        try {
            $service = GetServiceProperties "$name"
        } catch {
            throw "The service '$name' cannot be found"
        if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
            $env:ChocolateyEnvironmentVerbose -eq 'true') {
            Write-Verbose "Before SetServicesProperties:"
            if ($service.delayedStart) {
                Write-Verbose "Service '$($' was '$($service.status)', with '$($service.startupType)' startup type and delayed"
            } else {
                Write-Verbose "Service '$($' was '$($service.status)', with '$($service.startupType)' startup type"
        # src.:
        [array]$statusAvailable = [enum]::GetValues([System.ServiceProcess.ServiceControllerStatus])
        if ($statusAvailable -notcontains "$status") {
            $errorString = "The status '$status' must be '"
            $errorString += $statusAvailable -join "', '"
            $errorString += "'"
            throw "$errorString"
        if ($startupType -ne "Automatic (Delayed Start)" -and
            $startupType -ne "Automatic" -and
            $startupType -ne "Manual" -and
            $startupType -ne "Disabled") {
            throw "The startupType '$startupType' must either be 'Automatic (Delayed Start)', 'Automatic', 'Manual' or 'Disabled'"
        # Set delayed auto start
        if ($startupType -eq "Automatic (Delayed Start)") {
            # (src.: and
            # Modifying the registry does not change the value in services.msc,
            # using sc.exe does. sc.exe uses the Windows NT internal functions
            # OpenServiceW and ChangeServiceConfigW. We could use it in PowerShell,
            # but it would requires a C++ wrapper imported in C# code with
            # DllImport, the same C# code imported in PowerShell. While this is
            # doable, this is way slower than calling the sc utility directly.
            # Set-ItemProperty -Path "Registry::HKLM\System\CurrentControlSet\Services\$($service.Name)" -Name DelayedAutostart -Value 1 -Type DWORD
            # An .exe can be called directly but ensuring the exit code and
            # stdout/stderr are properly redirected can only be checked with
            # this code.
            $psi = New-object System.Diagnostics.ProcessStartInfo
            $psi.CreateNoWindow = $true
            $psi.UseShellExecute = $false
            $psi.RedirectStandardInput = $true
            $psi.RedirectStandardOutput = $true
            $psi.RedirectStandardError = $true
            $process = New-Object System.Diagnostics.Process
            $process.StartInfo = $psi
            $psi.FileName = 'sc.exe'
            $psi.Arguments = "Config ""$($service.Name)"" Start= Delayed-Auto"
            # The [void] casting is actually needed to avoid True or False to be displayed
            # on stdout.
            #PrintWhenVerbose $process.StandardOutput.ReadToEnd()
            #PrintWhenVerbose $process.StandardError.ReadToEnd()
            if (!($process.ExitCode -eq 0)) {
                throw "Unable to set the service '$($service.Name)' to a delayed autostart."
        } else {
            # Make sure the property DelayedAutostart is reset otherwise
            # GetServiceProperties could report a service as Manual and delayed
            # which is not possible.
            Set-ItemProperty `
            -Path "Registry::HKLM\System\CurrentControlSet\Services\$($service.Name)" `
            -Name DelayedAutostart -Value 1 -Type DWORD -ErrorAction Stop
        # Cast "Automatic (Delayed Start)" to "Automatic" to have a valid name
        if ($startupType -match "Automatic (Delayed Start)") {
            $startupType = "Automatic"
        # Set-Service cannot stop services properly and complains the service is
        # dependent on other services, which seems to be wrong.
        # src.:
        if ($status -eq "Stopped") {
            Stop-Service "$($service.Name)" -ErrorAction Stop
        Set-Service -Name "$($service.Name)" -StartupType "$startupType" -Status "$status" -ErrorAction Stop
        if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
            $env:ChocolateyEnvironmentVerbose -eq 'true') {
            $service = GetServiceProperties "$name"
            Write-Verbose "After SetServicesProperties:"
            if ($service.delayedStart) {
                Write-Verbose "Service '$($' now '$($service.status)', with '$($service.startupType)' startup type and delayed"
            } else {
                Write-Verbose "Service '$($' now '$($service.status)', with '$($service.startupType)' startup type"
    function CheckPGPSignature {
    Check the signature of a file using the public key and signatures provided.
    .PARAMETER pgpKey
    The path and file name to PGP public key to check the signature.
    .PARAMETER signatureFile
    The path and file name to the signature file. The signature file must keep
    its original filename if the argument 'file' is not specified.
    .PARAMETER file (optional)
    GPG can find the filename of the file to check by itself, only if the
    signatureFile has its original file name. What GnuPG does is to retrieve the
    filename of the file to check is to remove the .asc suffix from the
    signature file.
        param (
        # Get-Command throws an error message but continues execution, ask to
        # continue without message at all.
        if (!(Get-Command 'gpg.exe' -ErrorAction SilentlyContinue)) {
            throw "Unable to find the GnuPG executable 'gpg.exe'."
        # Check if folder or path exists. Work for files as well.
        if (!(Test-Path "$pgpKey")) {
            throw "Unable to find the PGP key '$pgpKey'."
        if (!(Test-Path "$signatureFile")) {
            throw "Unable tofind the PGP signature file '$signatureFile'."
        if ($file -and !(Test-Path "$file")) {
            throw "Unable to find the file '$file'."
        # Get temporary folder for the keyring
        # src.:
        $tempDirKeyring = Join-Path $(Split-Path $pgpKey) $([System.Guid]::NewGuid())
        [System.IO.Directory]::CreateDirectory($tempDirKeyring) | Out-Null
        $psi = New-object System.Diagnostics.ProcessStartInfo
        $psi.CreateNoWindow = $true
        $psi.UseShellExecute = $false
        $psi.RedirectStandardInput = $true
        $psi.RedirectStandardOutput = $true
        $psi.RedirectStandardError = $true
        $process = New-Object System.Diagnostics.Process
        $process.StartInfo = $psi
        Write-Debug "Importing PGP key '$pgpKey' in the temporary keyring ($tempDirKeyring\pubring.gpg)..."
        # Simply invoing the command gpg.exe and checking the value of $? was not
        # enough. Using the following method worked and was indeed more reliable.
        # src.:
        $psi.FileName = 'gpg.exe'
        # Surrounding filenames by 2 double quotes is needed, otherwise of the user
        # folder has a space in it, the space is not taken into account and gpg cannot
        # find the signed data to verify.
        if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
            $env:ChocolateyEnvironmentVerbose -eq 'true') {
            $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --import ""$pgpKey"""
        } else {
            $psi.Arguments = "--homedir ""$tempDirKeyring"" --import ""$pgpKey"""
        # The [void] casting is actually needed to avoid True or False to be displayed
        # on stdout.
        PrintWhenVerbose $process.StandardOutput.ReadToEnd()
        PrintWhenVerbose $process.StandardError.ReadToEnd()
        if (!($process.ExitCode -eq 0)) {
            throw "Unable to import PGP key '$pgpKey' in the temporary keyring ($tempDirKeyring\pubring.gpg)."
        # This step is actually facultative. It avoids to have this kind of warning
        # by trusting ultimately the key with the highest level available (level 5,
        # number 6, used for the ultimate/owner trust, a level used for own keys.
        # gpg: WARNING: This key is not certified with a trusted signature!
        # gpg:          There is no indication that the signature belongs to the owner.
        Write-Debug "Getting the fingerprint of the PGP key '$pgpKey'..."
        $psi.FileName = 'gpg.exe'
        if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
            $env:ChocolateyEnvironmentVerbose -eq 'true') {
            $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --with-fingerprint --with-colons ""$pgpKey"""
        } else {
            $psi.Arguments = "--homedir ""$tempDirKeyring"" --with-fingerprint --with-colons ""$pgpKey"""
        # Get the full fingerprint of the key
        # src.:
        $pgpFingerprint = $process.StandardOutput.ReadToEnd()
        $pgpFingerprint = $pgpFingerprint -split ':'
        $pgpFingerprint = $pgpFingerprint[18]
        Write-Debug "Trusting the PGP key '$pgpKey' ultimately based on its fingerprint '$pgpFingerprint'..."
        $psi.FileName = 'gpg.exe'
        if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
            $env:ChocolateyEnvironmentVerbose -eq 'true') {
            $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --import-ownertrust"
        } else {
            $psi.Arguments = "--homedir ""$tempDirKeyring"" --import-ownertrust"
        # Specify the fingerprint and the trust level to stdin
        # e.g.: ABCDEF01234567890ABCDEF01234567890ABCDEF:6:
        $input = $process.StandardInput
        $input.WriteLine($pgpFingerprint + ":6:")
        # Not written until the stream is closed. If not closed, the process will
        # still run and the software will hang.
        # src.:
        Write-Debug "Checking PGP signature..."
        $psi.FileName = 'gpg.exe'
        if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
            $env:ChocolateyEnvironmentVerbose -eq 'true') {
            if ($file) {
                $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --verify ""$signatureFile"" ""$file"""
            } else {
                $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --verify ""$signatureFile"""
        } else {
            if ($file) {
                $psi.Arguments = "--homedir ""$tempDirKeyring"" --verify ""$signatureFile"" ""$file"""
            } else {
                $psi.Arguments = "--homedir ""$tempDirKeyring"" --verify ""$signatureFile"""
        PrintWhenVerbose $process.StandardOutput.ReadToEnd()
        PrintWhenVerbose $process.StandardError.ReadToEnd()
        if (!($process.ExitCode -eq 0)) {
            throw "The signature does not match."
    function GetCertificateInfo {
    Return a X509Certificate object.
    This function has ben implemented in a polymorphic way. Either we specify
    a file or we specify a store and a certificate fingerprint.
    Usage 1: Specify a file to open as a X509 certificate.
    Usage 2: Specify a store and a certificate fingerprint to search for.
    .PARAMETER file (usage 1)
    The path and file name to the certificate file.
    .PARAMETER store (usage 2)
    The certificate store (X509Store object) which has been previously opened.
    .PARAMETER fingerprint (usage 2)
    The fingerprint of the certificate to search for from the certificate store.
    A X509Certificate object cf. to see the documentation
        param (
            [Parameter(Mandatory=$true, ParameterSetName="file")]
            [Parameter(Mandatory=$true, ParameterSetName="fingerprint")]
            [Parameter(Mandatory=$true, ParameterSetName="fingerprint")]
        switch ($PsCmdlet.ParameterSetName) {
            "file" {
                # New-Object does not respect the rule -ErrorAction
                # src.:
                try {
                    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate `
                    -ArgumentList "$file"
                } catch {
                    throw "Unable to open the X509certificate '$file'"
            "fingerprint" {
                # Sanitize the fingerprint
                if ($fingerprint) {
                    $fingerprint = $fingerprint.replace(' ','')
                $certificates = New-Object `
                System.Security.Cryptography.X509Certificates.X509CertificateCollection `
                -ArgumentList $store.Certificates
                $i = 0
                while ($i -lt $certificates.Count) {
                    if ("$($certificates.item($i).GetCertHashString())" -eq "$fingerprint") {
                        $cert = $certificates.item($i)
                if ($i -gt $certificates.Count) {
                    throw "Unable to find the certificate in the store '$($store.Name)' at location '$($store.Location)'"
        return $cert
    function AddTrustedPublisherCertificate {
    Adds a X509 certificate to the TrustedPublisher certificate store.
    .PARAMETER file (usage 1)
    The path and file name to the certificate file.
    Sometimes setup executables try to install autosigned drivers. Windows asks us
    if we want to trust the certificate from the software publisher. In order to
    have a complete silent install, it is needed to add that certificate to the
    Windows TrustedPublisher keystore.
    In order to recover that certificate for firther use, we have to
    - Install the driver accepting the certificate
    - Tick the checkbox "Always trust software from "Software Publisher, Inc.""
    - As by default, only certificates of the local users are displayed in the
      certificate manager, we need to add the view for the whole computer first.
      For that, we need to run the Microsoft Management Console, run mmc.exe
    - Then go to "File -> Add/Remove Snap-in..."
    - Select "Certificates" from the left list view then run certmgr.msc,
    - Click the "Add >" button at the center of the window
    - Select the "Computer account" radio button
    - Click the "Next >" button
    - Click the "Finish" button
    - Click the "OK" button
    - Expand "Certificates (Local Computer) -> Trusted Publishers -> Certificates"
    - Right click the "OpenVPN Technologies, Inc." certificate
    - Select "All Tasks -> Export..."
    - Click the "Next >" button
    - Select the "Base64 encoded x.509 (.CER)" radio button
    - Click the "Next" button
    - Select a destination and a filename you wish to save the certificate
    - Click the "Next >" button
    - Click the "Finish" button
    - Click the "OK" button from the confirmation dialog box
    The certificate is now in the location specified.
    Next time we install the same piece of software, even if we remove that
    certificate, Windows will not ask us to confirm the installation as the
    driver is cached in the Drivers Store (C:\Windows\Inf).
    To simulate a first install we need to remove the cached drivers as well.
        param (
        $cert = GetCertificateInfo -file "$file"
        $store = New-Object System.Security.Cryptography.X509Certificates.X509Store `
        -ArgumentList ([System.Security.Cryptography.X509Certificates.StoreName]::TrustedPublisher,`
    function RemoveTrustedPublisherCertificate {
    Removes a X509 certificate from the TrustedPublisher certificate store.
    This function has ben implemented in a polymorphic way. Either we specify
    a file or we specify a certificate fingerprint.
    Usage 1: Specify a file to remove a X509 certificate from the certificate
    Usage 2: Specify a certificate fingerprint to remove the certificate
             corresponding to that certificate fingerprint.
    .PARAMETER file (usage 1)
    The path and file name to the certificate file.
    .PARAMETER fingerprint (usage 2)
    The fingerprint of the certificate to remove from the certificate store.
        param (
            [Parameter(Mandatory=$true, ParameterSetName="file")]
            [Parameter(Mandatory=$true, ParameterSetName="fingerprint")]
        $store = New-Object System.Security.Cryptography.X509Certificates.X509Store `
        -ArgumentList ([System.Security.Cryptography.X509Certificates.StoreName]::TrustedPublisher,`
        switch ($PsCmdlet.ParameterSetName) {
            "file" {
                $cert = GetCertificateInfo -file "$file"
            "fingerprint" {
                $cert = GetCertificateInfo -store $store -fingerprint "$fingerprint"
    Get the childs processes of the process pid passed as argument.
    .PARAMETER string
    The PID of the process to search for the subprocesses.
    An array of Win32_Process objects
    function GetChildPid {
        param (
        [array]$result = Get-WmiObject -Class Win32_Process -Filter "ParentProcessID=$id"
        return $result

Virus Scan Results

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.


Package Maintainer(s)

Software Author(s)

  • Securepoint Security Solutions


2017 Securepoint GmbH


Release Notes

Version History

Version Downloads Last updated Status
Securepoint SSL VPN Client 2.0.22 727 Thursday, July 12, 2018 approved
Securepoint SSL VPN Client 2.0.21 1095 Wednesday, October 4, 2017 approved
Securepoint SSL VPN Client 2.0.18 1543 Monday, February 13, 2017 approved
Securepoint SSL VPN 549 Monday, June 9, 2014 approved
Securepoint SSL VPN 1.0.3 344 Monday, June 9, 2014 approved
Securepoint SSL VPN 1.0 345 Tuesday, February 4, 2014 approved

Discussion for the Securepoint SSL VPN Client Package

Ground rules:

  • This discussion is only about Securepoint SSL VPN Client and the Securepoint SSL VPN Client package. If you have feedback for Chocolatey, please contact the google group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or Securepoint SSL VPN Client, or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.

comments powered by Disqus uses cookies to enhance the user experience of the site.