signtool failing to dual sign SHA2 and SHA1 with timestamps

Question

We need to dual sign our binaries with SHA1 and SHA2 using signtool.exe, our certificate supports 256-bit SHA2.

Using the Windows 8 SDK\'s signtool:

e.g.:

Answer 1

Try using

signtool.exe sign /as /fd sha256 /tr http://timestamp.geotrust.com /td sha256 /f certificate.pfx /p XXXXXX file.dll

/tr is for RFC3161 timestamping, /td obviously for the hash to use.