signtool

问题 We recently purchased an EV Code Signing Certificate . I followed instructions and I can successfully sign our built applications (exe files) , our libraries (dll) . However, I can't sign our setup packages (MSI files) , I always get this error: SignTool Error: An unexpected internal error has occurred. Error information: "Error: SignerSign() failed." (-2147024885/0x8007000b) I don't see anything in Event Viewer. I am really stuck here, I don't not understand how same command could work for

问题 How can I securely pass the password to signtool.exe ? Here's the code: [Setup] SignTool=mysigntool signtool.exe" sign /f <path_to_pfx_certificate> /p <certificate's_password> $f I know there's a method like GetSHA1OfString , but here I need the opposite. 回答1: If you are asking how to encrypt the password, it does not make sense. An encryption needs a key (aka a password). So you end up with another password, which you again need to store somewhere in plain text. It's a kind of a chicken or

问题 I want to automate the code signing of some ClickOnce deployment artifacts - application exe's and manifests. I am using signtool to accomplish this. In an attempt to make the private key available for signing and yet protect the certificate file containing the private key (.pfx file), my plan is to install the certificate into the local machine certificate store with a non-exportable key. (I am aware that there are ways of exporting the key even if it is marked non-exportable.) The machine

问题 I want to automate the code signing of some ClickOnce deployment artifacts - application exe's and manifests. I am using signtool to accomplish this. In an attempt to make the private key available for signing and yet protect the certificate file containing the private key (.pfx file), my plan is to install the certificate into the local machine certificate store with a non-exportable key. (I am aware that there are ways of exporting the key even if it is marked non-exportable.) The machine

问题 I've been signing compiled apps for several months and have a script that calls the Windows 10 SDK signtool. It's been working fine on two different computers and my certificate is valid. Today, I just started getting an "Unexpected internal error" with the error number listed above. I tried disabling antivirus which helped in this case but not mine. My app is written in Delphi but I don't think that matters as this same problem was reported on Microsoft's Developer Community under Visual

问题 I've been signing compiled apps for several months and have a script that calls the Windows 10 SDK signtool. It's been working fine on two different computers and my certificate is valid. Today, I just started getting an "Unexpected internal error" with the error number listed above. I tried disabling antivirus which helped in this case but not mine. My app is written in Delphi but I don't think that matters as this same problem was reported on Microsoft's Developer Community under Visual

来源： https://stackoverflow.com/questions/64433096/signtool-options-interpreted-as-files-on-appveyor

来源： https://stackoverflow.com/questions/64433096/signtool-options-interpreted-as-files-on-appveyor

问题 After accepting a minor Windows update this afternoon, I found that I could no longer make signed builds of my Visual Studio application. Digging in to the problem, I came upon the signtool.exe program which is located in an obscure directory (C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64). Using the command prompt, I tried manually running it to sign my app, but when I did so, nothing happened: no output, no error message. I also tried running it with no parameters expecting a

问题 I'm new to code signing and I'm trying to create as secure a process for signing our code as possible. I created a .pfx file by exporting my certificate from IE and created a password for it. I'm able to sign code using the pfx file with the following command: signtool.exe sign /f mypfx.pfx /p mypass myexetosign.exe This works fine, so I copied signtool.exe, the pfx file, and a different executable to sign to a USB flash drive. I took the USB flash drive to a second computer and tried the