问题
I purchased an authenticode certificate from a well known provider.
Now I want to strong name an assembly and later on digitally sign it.
This is what I've done so far:
- Extracted public key from pfx by running sn.exe -p keypair.pfx key.snk
- Checked both "Sign the assembly" and "Delay sign only" checkboxes on project properties signing tab
- Provided key.snk as keyfile to sign with
- Extracted public key token by running sn.exe -tP key.snk
- Disabled strong name verification on my devbox by running sn -Vr *,
The idea is to disable delay signing on the team build and provide the keypair.pfx file there. This way, I can fully sign the assembly on the team build server that has restricted access while not providing the private key on the dev boxes for security reasons.
However, when trying to build the assembly locally, I get the following error:
Cryptographic failure while signing assembly '.dll' – 'Bad Version of Provider'
Does anyone have a solution for this?
回答1:
I got a reply from Comodo:
There's problem with VS2005/2008 and authenticode certificates. (Microsoft level) They can't be used for Strong Named Assemblies. You have to create your own private key to do the strong name signing.
来源:https://stackoverflow.com/questions/1493004/cryptographic-failure-while-signing-assembly-assemblyname-dll-bad-version