SB7 Code-Signing headaches



NewsArchive
03-22-2013, 03:07 AM
Hi all!

I recently had my main development PC go down, but we had all the source
codes, etc. backed up on our FTP site so no major harm done.

Since moving to the new PC however, I can not get SB7 to code-sign my
installs, although it used to on my other PC just fine!

I have Jane Fleming's excellent PDF and have gone through it, trying to pick
it up where we screwed up, but not certain.

We opted for the PFX file/password combination instead of the cpc/pvx
files, and I have specified SignTool.exe's fully-qualified pathname as
our "code signer" in SB7's Options dialog | Filenames page.

If anyone has been through a "forced port" and has a checklist for
getting Comodo's certificate to work, I'd like to hear it. Note that the
certificate was NOT obtained using a Win Vista/7 PC but an older Win XP
one, and we had been using it for some time prior to the crash, and
it has not expired.

The end of the compile looks like:

SIGNTOOL
Compiler warning GEN1061: File not found:
Compiler error GEN1053: Code signing process failed. Error Code: 1

--------------------------------------- Done ---------------------------------------

PDF_XchangePro_setup.sb7 - 1 error(s), 2 warning(s)

Compilation Time: 26.91 sec.
Date/Time: 3/21/2013 -- 4:06:58PM

------------------------------- Compilation aborted -------------------------------

(The two warnings are from checking two subinstalls we include with some
of our packages. They are supposed to come to me presigned and I just
include them. During signing they have the "Skip If Signed" option checked.)

Thanks in advance for any assistance!

--
Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-22-2013, 03:08 AM
Craig,

Try running signtool in wizard mode, you might get some clues.
(start it as signtool signwizard)

Also, do you have a capicom.dll file in your windows (or syswow) folder?

Jane

NewsArchive
03-22-2013, 03:08 AM
Hi Jane!

capicom.dll is in the folder with signtool.exe.

I'll try signwizard and see what it says.

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-22-2013, 03:09 AM
Hi Jane!

OK, signtool.exe running signwizard with capicom.dll will not let me
select the certificate PFX file that we have been using.

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-22-2013, 03:10 AM
> Hi all!
>
> I recently had my main development PC go down, but we had all the source
> codes, etc. backed up on our FTP site so no major harm done.

Craig,

In addition to what Jane suggested - New computer? - if running Windows 7
or Windows 8, be sure and download the newer Windows 7 signtool.exe at this
location -

http://www.microsoft.com/downloads/dlx/en-us/listdetailsview.aspx?FamilyID=6b6c21d2-2006-4afa-9702-529fa782d63b

Here is the previous SetupBuilder discussion for this:

http://www.lindersoft.com/forums/showthread.php?p=56858

Newer signtool.exe does not require CAPICOM.DLL

Encourager Software Developer Tips
http://www.encouragersoftware.com/software-developers.html

My company's Developer Tips also contains some helpful hints as well,
including what installation options for the W7 signtool.exe install.

David

--
From David Troxell - Product Scope 8! - Encourager Software
http://www.encouragersoftware.com/product-scope-major-features.html

NewsArchive
03-22-2013, 03:10 AM
Hi David!

I'll give that a try!

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-22-2013, 03:11 AM
Hi Craig

I recently changed from using the .spc/.pvk and Signcode.exe to using just the .PFX
with Signtool on Win7Pro O/S.

At first it failed, just as yours appears to be failing.

What I found was causing the problem was in the SB7 script, in the Details for the
#code-sign application script details, I had the old references to the Credentials
File and Private Key files as well as the new PFX File (optional). See attached
screenshot. Like this, it would not code-sign with Signtool.

Once I deleted the references to the Credentials File and Private Key files, it
started working. But it ONLY failed the first time after I started using the PFX
file. Now when working on older SB7 scripts, it works if I leave those old files in
there and just add the PFX details.

(Maybe a bug in SB7. Whoa, did I really say that! <G>) Maybe Friedrich needs to know
about this....

This may work for you.

JohnG

NewsArchive
03-22-2013, 03:12 AM
Hi John!

This is what we have been using which worked on my old PC but won't sign
on the new PC.



Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-22-2013, 03:12 AM
Hi Craig,

> This is what we have been using which worked on my old PC but won't sign
> on the new PC.

It's not enough to simply have capicom.dll in the folder with signtool.exe.
It is a self-registration file.

http://www.lindersoft.com/forums/showthread.php?p=66432&highlight=capicom#post66432
http://www.lindersoft.com/forums/showthread.php?p=53010#post53010

Then switch the IDE to SignTool.exe (Tools | Options... | File Locations
tab) and you are done ;-)

Friedrich

NewsArchive
03-22-2013, 03:58 AM
Hi Friedrich!

Sorry, but no. After installing capicom.dll from your site and changing
to use signtool.exe (had already done that), still getting errors:

SIGNTOOL
Compiler warning GEN1061: File not found:
Compiler error GEN1053: Code signing process failed. Error Code: 1

I used your capicom 2.0.1.2 installer exe as well. I even tried Regsvr32
on capicom.dll 2.0.1.2. It registered but no luck.

I'm holding off until later today and see about getting a replacement
certificate file from my company. Not a new one, just a copy of the one
we've been using.


Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-22-2013, 04:47 AM
Hi Craig,

Are you sure that you point to the correct .PFX file location in "General
Information" -> "Digital Signature" -> "PFX File" -or- in a "#code-sign
application..." directive?

Friedrich

NewsArchive
03-22-2013, 01:34 PM
Hi Friedrich!

Yes. I use Clipname to copy my fully-qualified file path name to the
clipboard:

C:\PDFX-Gold\PDFX-SDK4\PDF-XChange4ArchiveNew\PDF-XChange4\Certificate\mycert2.pfx

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-22-2013, 01:35 PM
There is definitely a problem with your location specification. Otherwise,
the compiler would not report the "Compiler warning GEN1061: File not
found:" error (with an "empty" file name).

Friedrich

NewsArchive
03-23-2013, 02:13 AM
Craig

Wild guess here..

Perhaps that drive/path/filename is too long at 82 chars. Maybe a limitation of
SignTool or somewhere else. Copy the cert to C:\Temp and try it there, just to see.

JohnG

NewsArchive
03-23-2013, 02:14 AM
Hi John!

I'm beginning to suspect something like that. However, I am also waiting
for a new copy of our certificate PFX file and password. Probably get
back on this tomorrow. My colleagues are "perishin' close" to releasing
our PDF-Viewer version 3, which is now called PDF-XChange EDITOR
Edition, so I'm in a holding pattern for the moment.

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-23-2013, 02:14 AM
Hi Craig

No, that longggggggg path should not be a problem, I just tried it.

I can codesign with my pfx in path

C:\Aaaabbbbccccddddeeeeffff\Aaaabbbbccccddddeeeeffff\Aaaabbbbccccddddeeeeffff\Aaaabbbbccccddddeeeeffff\xxxxxxxx2016.pfx

= 120 chars all up.

Must be your pfx.

JohnG

NewsArchive
03-23-2013, 02:15 AM
You call that big? <g>

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

NewsArchive
03-23-2013, 02:15 AM
Nope,
but ...

John

NewsArchive
03-23-2013, 07:52 AM
>You call that big? <g>

That's a German shop:

https://twitter.com/andrea_wulf/status/248318033829982208/photo/1

Wolfgang Orth

NewsArchive
03-23-2013, 07:52 AM
And how could we forget
Llanfairpwllgwyngyllgogerychwyrndrobwll-llantysiliogogogoch in Wales?

The name translates as "St Mary's Church in the hollow of the white
hazel near a rapid whirlpool and the Church of St Tysilio of the red cave".

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-23-2013, 07:53 AM
>And how could we forget
>Llanfairpwllgwyngyllgogerychwyrndrobwll-llantysiliogogogoch in Wales?

Anyone who claims they can pronounce that is a liar <g>.

JohnG

NewsArchive
03-23-2013, 10:03 AM
Everyone figured out how to do Spock hands. They can do this too.<g>

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

NewsArchive
03-23-2013, 10:03 AM
>And how could we forget
>Llanfairpwllgwyngyllgogerychwyrndrobwll-llantysiliogogogoch in Wales?


>The name translates as "St Mary's Church in the hollow of the white
>hazel near a rapid whirlpool and the Church of St Tysilio of the red cave".


Kassenrabattvertragsarzneimittelnichtverfügbarkeitskennzeichnungsfehlerberichtigungsermächtigung

Believe it or not, that's a valid (!) German word.

Wolfgang Orth

NewsArchive
03-23-2013, 10:04 AM
Don't tell Volkswagen about it.

They might like it better than Fahrvergnügen.

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

NewsArchive
03-23-2013, 10:07 AM
Hi Craig,

I still believe that you have a file location problem. For your .PFX
code-signing scenario, it should look similar to the following (see
attached screenshot).

Friedrich

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

--Helping You Build Better Installations
--SetupBuilder "point. click. ship"
--Create Windows 8 ready installations in minutes
--Official Comodo Code Signing and SSL Certificate Partner

NewsArchive
03-26-2013, 03:17 AM
Hi Friedrich!

I might indeed have a "file location problem" but possibly not quite as
you describe it.

Question: do the signtool.exe and PFX files have to be able to be opened
in read/write mode?

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-26-2013, 03:17 AM
Hi Craig,

> I might indeed have a "file location problem" but possibly not quite
> as you describe it.
>
> Question: do the signtool.exe and PFX files have to be able to be
> opened in read/write mode?

Read mode is enough.

You posted the following error message:

> Compiler warning GEN1061: File not found:

The file name in the above error is "empty". So it seems to me that the
compiler reports a "missing file" specification here.

Friedrich

NewsArchive
03-26-2013, 03:18 AM
Hi Friedrich!

And I know the field is not blank. See attached, the PFX file line.
That's the line it should be using. That's the line that WAS working on
the other PC.

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-26-2013, 03:19 AM
Hi Craig,

Do you also have a screenshot for the entry fields in Tools | Options... |
File Locations tab?

Friedrich

NewsArchive
03-26-2013, 06:04 AM
Here it is!

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/

NewsArchive
03-27-2013, 02:12 AM
Hi Friedrich et al.

Got it to work. I had to move all the code-signing to an entirely
different set of folders and reset both the signtool.exe and
certificate.pfx file locations and then it worked fine.

I suspect that it has something to do with the strange "blue box"
read-only folder tree attribute that can't be removed.

Craig E. Ransom
Tracker Software Products, Ltd.
http://www.tracker-software.com/
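
The checks raised across this thread (the signtool.exe and PFX paths resolve, both files open in read mode, the certificate has not expired), followed by a direct signtool run outside the installer IDE, as an added example that is not part of the original thread or of SetupBuilder. All three default paths are placeholders chosen for illustration.

```powershell
# Added example: pre-flight checks before pointing an installer builder at signtool.exe and a PFX.
# The default paths are placeholders (assumptions), not values taken from the thread.
param(
    [string]$SignTool = 'C:\CodeSign\signtool.exe',
    [string]$PfxPath  = 'C:\CodeSign\certificate.pfx',
    [string]$Target   = 'C:\CodeSign\test-setup.exe'
)
$ErrorActionPreference = 'Stop'

function Test-ReadableFile([string]$Path) {
    # The GEN1061 warning in the thread showed an empty file name, so reject empty paths explicitly.
    if ([string]::IsNullOrWhiteSpace($Path)) { throw "Empty path supplied" }
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { throw "Not found: $Path" }
    # Read access is sufficient; open read-only to prove ACLs and folder attributes allow it.
    $fs = [System.IO.File]::Open($Path, 'Open', 'Read', 'Read')
    $fs.Dispose()
}

foreach ($p in $SignTool, $PfxPath, $Target) { Test-ReadableFile $p }

# Prompt for the PFX password instead of storing it in the script.
$secure = Read-Host -AsSecureString "PFX password"

# Load the PFX: this confirms the password, the presence of a private key, and the expiry date.
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($PfxPath, $secure)
if (-not $cert.HasPrivateKey)      { throw "PFX contains no private key" }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)" }
"Subject: $($cert.Subject)  Expires: $($cert.NotAfter)"

# signtool takes the password as plain text on its command line (visible in process listings),
# so convert it only for this call and run this on a trusted build machine.
$bstr  = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
$plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)

# Sign directly, bypassing the IDE, to separate a tool/certificate fault from a script setting.
& $SignTool sign /f $PfxPath /p $plain $Target
if ($LASTEXITCODE -ne 0) { throw "signtool sign failed with exit code $LASTEXITCODE" }

# /pa verifies against the default Authenticode policy.
& $SignTool verify /pa $Target
if ($LASTEXITCODE -ne 0) { throw "signtool verify failed with exit code $LASTEXITCODE" }
```

If this succeeds from one folder and fails from another, the folder's permissions or attributes are the difference, not the certificate.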

NewsArchive
03-27-2013, 05:05 AM
Hi Craig,

Very interesting. I am glad that it's working fine now. Thanks for the
update.

Friedrich

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

--Helping You Build Better Installations
--SetupBuilder "point. click. ship"
--Create Windows 8 ready installations in minutes
--Official Comodo Code Signing and SSL Certificate Partner