All,

The Comodo timestamp server seems to be down.

I would suggest to switch to the VeriSign timestamp server for today.

--
Friedrich Linder
Lindersoft | SetupBuilder | www.lindersoft.com
954.252.3910 (within US) | +1.954.252.3910 (outside US)

--SetupBuilder "point. click. ship"
--Helping You Build Better Installations
--Create Windows 10 ready installations in minutes
--Official COMODO Code Signing and SSL Certificate Partner

Comodo timestamp server seems to be back again...

Friedrich

They are trying to file their US taxes today <g>

--

Russ Eggen
RADFusion International, LLC

>
> They are trying to file their US taxes today <g>
>

LOL !!! :-)

Friedrich

Hi Friedrich,

> Comodo timestamp server seems to be back again...

Is there any practical difference between those timestamp servers in the
resulting code signature? Could SB switch to another one if one doesn't
respond?

Best regards,

--
Arnor Baldvinsson
Icetips Alta LLC

Hi Arnor,

>> Comodo timestamp server seems to be back again...
>
> Is there any practical difference between those timestamp servers in the
> resulting code signature?

From the technical point-of-view there is no difference.

> Could SB switch to another one if one doesn't respond?

The servers are not really down and they always respond. But they do not
create a timestamp. From time to time, the service goes down for approx.
5-7 minutes to undergo some scheduled maintenance. But you can't do a
simple "ping" to check the server status. If code-signing suddenly stops
working, is it a problem caused by the latest anti-virus or anti-spyware
definition update, a false-positive issue, a firewall problem, a (temporary)
ISP issue, a problem with a specific .exe (PE Header problem), or is it
really a timestamping service interruption? Who knows <g>.

Friedrich

Friedrich,

> > Could SB switch to another one if one doesn't respond?
>
> The servers are not really down and they always respond. But they do not
> create a timestamp. From time to time, the service goes down for approx.
> 5-7 minutes to undergo some scheduled maintenance. But you can't do a
> simple "ping" to check the server status. If code-signing suddenly stops
> working, is it a problem caused by the latest anti-virus or anti-spyware
> definition update, a false-positive issue, a firewall problem, a (temporary)
> ISP issue, a problem with a specific .exe (PE Header problem), or is it
> really a timestamping service interruption? Who knows <g>.

I think Arnor was asking for an option to list servers in order of
preference and if one failed to sign - for whatever reason, try the
next in the list.

As is if one fails you have to manually go back into the script and
select another server - if SB did that for you it would be handy.

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Windows 8 brings us "The Oval, Bumper Car, Roller Coaster of Wait!"
And, now, Windows 10 brings us "The Inch Worm, Bumper Car of Wait!"

Hi Friedrich,

> simple "ping" to check the server status. If code-signing suddenly stops
> working, is it a problem caused by the latest anti-virus or anti-spyware
> definition update, a false-positive issue, a firewall problem, a (temporary)
> ISP issue, a problem with a specific .exe (PE Header problem), or is it
> really a timestamping service interruption? Who knows <g>.

OK, got it! I thought the time stamping thingy was something SB called,
but of course the time stamping is part of the code signing thingy from
MS;)

Best regards,

--
Arnor Baldvinsson
Icetips Alta LLC

Hi Lee,

> I think Arnor was asking for an option to list servers in order of
> preference and if one failed to sign - for whatever reason, try the
> next in the list.


Correct, but the time stamp server is called from the Signtool.exe or
whatever it is so Friedrich can't know what happens. SIgntool fails,
succeeds or completes with warning (See bottom of
https://msdn.microsoft.com/en-us/library/8s9b9yaz(v=vs.110).aspx for the
return codes) so SB can't know if the time stamp failed or something else.

Best regards,

--
Arnor Baldvinsson
Icetips Alta LLC

Hi Lee,

> I think Arnor was asking for an option to list servers in order of
> preference and if one failed to sign - for whatever reason, try the
> next in the list.
>
> As is if one fails you have to manually go back into the script and
> select another server - if SB did that for you it would be handy.

Yes, I understood <g>. But you never know *why* code-signing failed ;-)
Protection software update, firewall, ISP, etc. or really a timestamp
service interruption?! For example, if code-signing suddenly stops working
because a new smart virus definition update blocks code signing then it does
not help to switch to another timestamp server. There is no reliable way to
detect a timestamping service interruption.

BTW, if timestamping failed on your own files (e.g. .EXE, .DLL) then it is
strongly recommended to recompile your program(s) because the code-signing
process already modified the PE Header structure of the file(s). The only
missing (but essential <g>) part is the timestamp.

To switch timestamping service you only have to select another server in
Tools | Options... | Code-Signing. There is no script change required.

Friedrich