I understand but SB says the file was signed successfully.
Lynn
Printable View
I understand but SB says the file was signed successfully.
Lynn
>
>I understand but SB says the file was signed successfully.
>
Can you post a compiler report screenshot? Similar to the attached one?
Friedrich
BTW, I see this (see attached screenshot) when I try to use a .PFX with
SignCode.exe to code-sign the installer.
Friedrich
Here it is.
Lynn
>
> Here it is.
>
Hmmm, strange. It does not mention the Authenticode tool used.
What do you have in "Tools" | "Options..." | "File Locations" tab ->
SignCode.exe or SignTool.exe Location? Does it point to a valid
Authenticode tool?
And can you confirm that the setup.exe is code-signed? IMO, it is not.
Could you please send your .sb8 project file to support [at] lindersoft
[dot] com? Perhaps I can find something in your project that causes this.
Friedrich
Hi Friedrich.
See attachment for File location.
When I Test the project I get no unknown publisher message.
I'll send the project file to support.
Maybe we've found a way to simplify all this Comodo stuff. <G>
Lynn
Hi Lynn,
> See attachment for File location.
>
> When I Test the project I get no unknown publisher message.
>
> I'll send the project file to support.
>
> Maybe we've found a way to simplify all this Comodo stuff. <G>
Unfortunately, I am afraid this is not the case <g>. There must be another
reason for it.
Friedrich
Lynn,
As Friedrich said, see whether the item is really code-signed. I highly
doubt it.
The tool you show in your screen shot is not one of the Authenticode signing
tools. It's "pvkimprt.exe".
Google has a number of hits for that. It's related to certificates, but it
DOES NOT sign stuff:
http://www.wiscocomputing.com/articles/code-signing.htm
http://www.microsoft.com/en-us/downl...s.aspx?id=6563
I'm guessing that SB runs that tool, doesn't get an error flag back, and
"thinks" that that executable succeeded in signing your file.
Right-click your executable, click Properties, and look for the Digital
Signatures tab.
That will tell you whether it's signed or not.
Jane
Hi Jane,
You are absolutely right. Friedrich is looking into the false positive.
Thanks for the research.
Lynn
Hi Lynn,
>
> See attachment for File location.
>
Okay, and the use of "pvkimprt.exe" as code-signing tool is your problem
<g>. This Microsoft tool can be used to combine your .SPC and .PVK
certificate/key files into a .PFX file. It is *not* an Authenticode
code-signing utility ;-)
You have to specify the fully qualified path to "SignCode.exe" if you
code-sign with a .PVK/.SPC -or- the fully qualified path to "SignTool.exe"
if you code-sign with a .PFX.
Friedrich