Hi,

None of my Setupbuilder scripts will codesign today, but stops with
Compiler error 1053, code sign error code 1.

Got a major Windows update yesterday. Could that be the reason ?

Cheers
/Poul

Certificate(s) expired?

Simon Kemp

> Got a major Windows update yesterday. Could that be the reason ?

Possible that it's the windows update is causing problems, but it's not a
complete failure across the board. The error I'm seeing is that the
timestamp server can't be reached or returned an invalid response, and I'm
getting the same error from MOST of the timestamp servers available from the
SB list. But I AM able to sign using one of the following two:

http://timestamp.globalsign.com/scripts/timestamp.dll
http://timestamp.digicert.com

So try one of those timestamp servers and see if you get the same results.

Terry

I find that to be a problem with the Timestamp URL, either temporarily down
or busy, leading to excessive delay and timeout.

Try switching. There are quite a few, Verisign and Comodo being the most
common.
Alternatively just wait a short while and try again.

Sim

Thanks guys,

I have now tried all timeservers and to no avail.
Certificate is valid another 1.5 year.

I think I have seen somewhere that a reinstall of signtool could
resolve issues after a Windows updta. Any comment on that ?

/Poul

Try:

http://timestamp.comodoca.com/authenticode
http://timestamp.verisign.com/scripts/timstamp.dll
http://trustcenter.de/codesigning/timestamp
http://timestamp.globalsign.com/scripts/timstamp.dll
http://tsa.starfieldtech.com
http://www.startssl.com/timestamp
http://sha256timestamp.ws.symantec.com/sha256/timestamp

Sim Scherer

Hi Sim,

Appreciate your answering but none of these works.
For some of them I get a code sign error code 1 and for some code sign
error code 2.

I don't know the difference ?

/Poul

That happened to me several times today. But it finally worked after
re-trying.

Jeff Slarve
www.jssoftware.com
Twitter free since Jan 11, 2016
I'll search help files & Google for you.

Grammar troll's, are the worse.

Poul,

Try this combination (for SHA-1 and SHA-2):

http://timestamp.verisign.com/scripts/timstamp.dll
http://timestamp.globalsign.com/?signature=sha2

Friedrich

Hi Paul,

Yes I'm seeing the same thing.

I managed to code sign yesterday, then applied the latest windows 10
updates, and then the code signing started to fail.

Regards,

Neil.

Hi Neil,

Thanks for the confirmation.

I think we need a master switch "Disable all code-signing", because I
am really stuck now and cannot generate installs without manually
disabling codesigning a number of places.

And at times (for internal use) you would rather be able to compile an
unsigned package than not being able to compile at all.

Cheers
/Poul

Looking at it further, I'm wondering if it is something to do with SHA1
signing as my previous installs had both sha1 and sha256 signatures,
and now I only seem to be able to see an sha256 signature without a
timestamp.

Regards,

Neil.

Neil,

> Yes I'm seeing the same thing.
>
> I managed to code sign yesterday, then applied the latest windows 10
> updates, and then the code signing started to fail.

Perhaps the Windows update "unregistered" your Capicom (it's an OCX)
component?

Uninstall then reinstall. Try this one:
http://www.lindersoft.com/forums/showthread.php?29427-Problem-compiling&p=53010#post53010

Friedrich

Hi Friedrich,

I've uninstalled Capicom, and reinstalled as you suggested, and I'm
still seeing the same problem I'm afriad.

It's very strange. This is what I'm seeing.....

------ Build started: Project: SapphireWeb.sbp, Configuration: Release
Win32 ------

------ SetupBuilder (tm) Project Script Compiler and Linker for Windows
------ Copyright (c) 1997-2017 Lindersoft
------ SetupScript (tm) Installation Script Language
------ Copyright (c) 2003-2017 Lindersoft
------ All rights reserved.

------ Developer Edition 2017 Version 10.0.5452
------ SetupBuilder (SB/EXE) Compiler Version 10.0.5452

Init Globals...
Set Media Type: Single-file image
Verify Code-Signed Install at Startup: DISABLED
OK
Writing Objects...
OK
Compiling...
sapphireweb.sbp
Init Standard Variables...
Performing pre-checks...
#pragma loaded: CODESIGN_SHA
#pragma CODESIGN_SHA = 12
#pragma loaded: CODESIGN_TSSHA1URL
SHA1 timestamp server defined
#pragma CODESIGN_TSSHA1URL = http://timestamp.comodoca.com/authenticode
OK
Timestamp server(s)...
SHA-1: http://timestamp.comodoca.com/authenticode
SHA-2: http://timestamp.globalsign.com/?signature=sha2
Type : 12
Script format version detected: 10.0.5452
Adding Digital Certificate II (Preprocessor)...
SIGNTOOL: V:\Development\Sapphire Web\SapphireWeb.exe
SVER: 10.0.10586.15
Compiler warning GEN1061: File not found:
SHA1: 1
SHA2: 1
Compiler error GEN1053: Code signing process failed. Error Code: 1
Script(s) processed

--------------------------------------- Done
---------------------------------------

SapphireWeb.sbp - 1 error(s), 1 warning(s), 0 file(s) code-signed

Compilation Time: 1.18 sec.
Date/Time: 5/12/2017 -- 11:39:55AM

------------------------------- Compilation aborted
-------------------------------

Neil Porter

Hi Neil,

> I've uninstalled Capicom, and reinstalled as you suggested, and I'm
> still seeing the same problem I'm afriad.
>
> It's very strange. This is what I'm seeing.....

try this combination of timestamp servers (see attached screenshot).

Works fine here. Comodo does not (the SHA-1 one fails).

Does this help?

Friedrich

Comodo does not work for SHA-1 and SHA-2 at the moment (all my tests
failed). It has nothing to do with a Windows update.

http://timestamp.comodoca.com
http://timestamp.comodoca.com/authenticode

Workaround (for SHA-1 and SHA-2):

http://timestamp.verisign.com/scripts/timstamp.dll
http://timestamp.globalsign.com/?signature=sha2

Friedrich

BTW, and your "GEN1061: File not found" error is caused by another issue.

Please use this method to code-sign:

http://www.lindersoft.com/forums/showthread.php?47199

Friedrich

Thank you Friedrich,

Changing the timestamp servers in the global options has sorted it for me.

So glad you are feeling better, and are back at work to point us in the
right direction.

Regards,

Neil.

Poul,

>
> Got a major Windows update yesterday. Could that be the reason ?
>

Is your Capicom component still installed and registered?

http://www.lindersoft.com/forums/showthread.php?29427-Problem-compiling&p=53010#post53010

Friedrich

Hi Poul,

> None of my Setupbuilder scripts will codesign today, but stops with
> Compiler error 1053, code sign error code 1.

My client also had problems code signing before the weekend. I wonder
if it was because of the ransomware attack.

Best regards,

--
Arnor Baldvinsson
Icetips Alta LLC

Hi Friedrich,

> Poul,
>
>>
>> Got a major Windows update yesterday. Could that be the reason ?
>>
>
> Is your Capicom component still installed and registered?
>
> http://www.lindersoft.com/forums/showthread.php?29427-Problem-compiling&p=53010#post53010
>
> Friedrich

Sorry for the late reply I have been travelling and just now returned.

Yes Capicom is still installed and now I can codesign again.
I have done nothing to my Windows or the codesigning components.

All my Setupbuilder scripts pre-dates the options for global selecting
type of signing, so all code-signing use local code signing
configuration.

But I guess I should move to using the global options since this would
make it easier to switch timeserver.

But at the moment all is good :-)

Cheers
/Poul