378 questions
0
votes
0
answers
42
views
Problem signing Excel VBA files with Signtool and Google KMS
I'm using Google KMS with HSM to store my private key and:
Signtool
CNG 1.2
to sign exe and dll files for my software.
Command looks like this:
"signtool.exe" sign /v /fd sha256 /tr http://...
- 1
2
votes
3
answers
168
views
How to store a command line with arguments in a PowerShell variable
I am signing some built exe files with the Microsoft signtool. The command line is quite long, and always the same, apart from the target file name at the end. So I'd like to keep most of it in a ...
- 1,710
1
vote
0
answers
26
views
Error 0x80090027 when signing using Signtool /ds
Description
When attempting to sign a file using the /ds command I am receiving the following error:
Done Adding Additional Store
SignTool Error: SignedCode::Sign returned error: 0x80090027
The ...
- 31
0
votes
1
answer
167
views
code signing windows installer - publisher unknown - osslsigncode
I am trying to code sign a windows installer. I am processing the certificate through Godaddy and then trying to use osslsigncode to sign my installer with it.
It seems successful, but then when I ...
- 655
1
vote
1
answer
78
views
How to sign a launcher created by jpackage on Windows?
The entry point of the application bundled by jpackage is "My App.exe", given that the app is called "My App".
I can sign the installer after jpackage is done. I can sign other ...
1
vote
1
answer
225
views
signtool with /csp /kc /f introduces a very long delay on an offline/isolated CI server?
I am trying to integrate Code Signing with a DigiCert SafeNet Token based cert with our CI machine.
I am following the description given in https://stackoverflow.com/a/54439759/321013 which leads to ...
- 39.4k
0
votes
0
answers
160
views
signtool error hell in VS C++ driver test signing
I'm not sure what I'm doing wrong. I'm trying to build a Windows kernel driver using VS C++ 2022 with test signing. The project has "File digest algorithm" set to "sha256":
Then ...
- 22.8k
0
votes
1
answer
129
views
Pipeline build error when code signing .PFX is not found
For the last 5 years, I have been code signing my DLLs and EXEs with a command line task step in DevOps Pipeline. The .pfx file itself is stored in source control, and retrieved via Get Sources at ...
1
vote
1
answer
165
views
UAC prompt for file signed by smctl always displays a randomly-generated file name
When I use a digicert smctl sign command (with Key Locker) to sign an MSI binary it puts a randomly generated ".msi" name in the description when the UAC prompt pops up. This is less than ...
- 697
0
votes
1
answer
97
views
Unable to sign Xamarin UWP application when trying to publish
I have a Xamarin UWP application that I developed. I am able to sign the app on my PC and it runs well.
I am now trying to publish the application (create an MSIX) so that i can distribute it within ...
- 175
1
vote
2
answers
253
views
Why does npm run tauri build fail to run signtool.exe
Recently I have been building an application using Svelte, .NET and Tauri, and it is time to sign it and make it available for the customer.
I have bought an EV Code Signing certificate and added it ...
- 121
1
vote
1
answer
496
views
How to read and verify digital signature for EXE and DLL in java
I want to validate the EXEs and DLLs before invoking in java. I searched on internet, but i didnt find any proper solution.
My requirement is, to validate any signed EXE or DLL by extracting a digital ...
- 31
5
votes
1
answer
1k
views
Is there a way to speed up signtool? It is slow
I'm using signtool to sign about 70 files. Each file has to be signed with SHA1 and SHA256, so that is 140 signing operations. It takes about 10 minutes on a very fast computer, or roughly 4 seconds ...
- 4,707
0
votes
1
answer
166
views
Unknown Publisher warning from self-installing exe after signing with SignTool
I have purchased a code signing certificate for the 3rd time since 2015, but when I convert it to a .pfx file and try to use it to sign a self-extracting installer using the code below, the installer ...
- 669
1
vote
1
answer
142
views
Altering 'System.Comment' breaks the digital signature?
i'm exploring to programatically modify some file metadata in the Windows Property System.
i have modified the System.Comment of an MSI file like so:
to my big surprise this now breaks the digital ...
- 309
0
votes
0
answers
678
views
SignTool Error: An error occurred while attempting to load the signing certificate
I am using signtool.exe to sign msix file.
Signtool is launched from the external application.
When it works as a console application, everything works well.
But when the launch comes from the Windows ...
- 544
1
vote
2
answers
2k
views
SignTool Error: SignedCode::Sign returned error: 0x800700C1
I created a Xamarin App (VS 2022). I would like to sideload the UWP so I am trying to create an App Package using the publish menu option in the UWP project.
The app compiles and is signed with a PFX ...
- 175
0
votes
1
answer
642
views
SignTool: How to identify a specific certificate?
I have two USB tokens with GlobalSign certificates, as I develop software for different customers which want their respective company names as code signature. How do I tell SignTool which certificate ...
- 1
2
votes
2
answers
2k
views
signtool: No private key is available (Google cloud HSM)
I want to sign an MSIX package with an EV Code Signing Certificate I bought from Globalsign.
The keys are stored on Google Cloud KMS with a HSM storage type. I basically followed this article to ...
- 153
2
votes
4
answers
6k
views
##[error]EXEC(0,0): Error information: "Error: SignerSign() failed." (-2146893779/0x8009002d)
While using the Signtool on our build server (windows server 2019) azure-devops pipeline has below error, its a DotNetCoreCLI@2 task:
##[error]EXEC(0,0): Error information: "Error: SignerSign(...
- 1,543
0
votes
1
answer
226
views
Is it possible to install signtool.exe without admin rights?
I'm trying to make my build file a bit more automatic, so that it signs automatically, but I don't have signtool.exe file, because I don't have the Windows SDK/KIT files. I could probably install the ...
- 78
3
votes
2
answers
1k
views
SignTool gives internal error (0x80100001)
I just installed my Extended Validation Code Signing Certificate to a Yubikey 5 device.
I call this from the Developer Command Prompt for VS 2022:
signtool sign /debug /sha1 <***> /fd SHA256 /t ...
- 211
0
votes
1
answer
541
views
Signtools says "certificate is not suitable for code signing" but same setup works in another windows machine
I can't explain what happened with my VM but signtool.exe has suddently stopped working and is now complaining with "certificate is not suitable for code signing":
"C:\Program Files (...
- 3,881
1
vote
2
answers
2k
views
How can i sign multiple files in one go using signtool?
I have a directory with dll's and .exe files. I want to sign them using the following command
smctl sign --keypair-alias <keypair alias> --certificate <Path to code signing certificate> --...
- 31
3
votes
1
answer
3k
views
what file types are supported in signtool?
What are the supported file types in windows signtool https://learn.microsoft.com/en-us/dotnet/framework/tools/signtool-exe ?
Can I sign any file types with signtool?
I couldn't find the info on the ...
- 89