-
code signing now...
Friedrich,
So I have my code signing certificat which I got back in the 31st of
august of 2014
it's been working fine to codesign with setupbuilder.
so what are the steps that I have to do to make it into a new sha2
certificate use or combined like you talk about?
Best Regards...
Roberto Renz
-
Re: code signing now...
Roberto,
> So I have my code signing certificat which I got back in the 31st
> of august of 2014 it's been working fine to codesign with setupbuilder.
> so what are the steps that I have to do to make it into a new sha2
> certificate use or combined like you talk about?
You need one of the latest SignTool.exe from Microsoft (at least
6.2.9200.16384) and then use #pragma and set CODESIGN_SHA to 2 for SHA-2
signing (see pragma help).
Does this help?
Friedrich
-
Re: code signing now...
Ok I tried that..
I have version 10.0.10240.16384 version of signtool
added the #pragma at the start of my script.
compiled and got
Performing pre-checks...
#pragma loaded: CODESIGN_SHA
#pragma CODESIGN_SHA = 2
OK
Script format version detected: 7.0.2600
Adding Digital Certificate (Preprocessor)...
SIGNTOOL: D:\develop\tdeo3\tdeo.exe
SHA2: 1
Compiler error GEN1053: Code signing process failed. Error Code: 1
Script(s) processed
Does that mean my certificate is not adequate or do I have to order
something else?
Best Regards..
Roberto Renz
-
2 Attachment(s)
Re: code signing now...
Roberto,
> Does that mean my certificate is not adequate or do I have to order
> something else?
Did you specify a SHA-2 compliant timestamp server? Are you using a
signtool.exe version (and the required components) that support SHA-2?
Friedrich
-
Re: code signing now...
Hi Friedrich,
please can you clarify what you mean by "required components" of signtool.exe ?
thanks
Darko
-
Re: code signing now...
Darko,
> please can you clarify what you mean by "required components" of
> signtool.exe ?
Authenticode needs the CAPICOM component. Sometimes this component is
missing (or not registered) on Windows machines and signtool.exe fails.
Similar to this:
http://www.lindersoft.com/forums/sho...2102#post82260
The component can be downloaded here:
http://www.lindersoft.com/forums/sho...5570#post75570
Friedrich
-
Re: code signing now...
Friedrich,
ok..
I guess I didn't know about the new stamp server change..
I've always used the comodo one, changing it to the globalsign.com did
the trick.
thank.. you I now what t sha256 signature..
Robi
-
Re: code signing now...
Friedrich,
what would be the pragma to dual sign sha-1 and sha-2 signatures?
Best Regards...
Roberto Renz
-
Re: code signing now...
Found it...
#pragma CODESIGN_SHA = "12"
That should do it..
Roberto Renz
-
Re: code signing now...
Roberto,
#pragma CODESIGN_SHA = "12" is correct.
But please see this:
http://www.lindersoft.com/forums/sho...4559#post84559
Friedrich