I am helping a company setup for code signing with their new
certificate using the latest SB. Their certificate was just issued and
appears to be dual code signed.

The install scripts being used are ones that have been used for a long
time but with an older SHA-1 certificate. I have updated the scripts
by adding:

#pragma CODESIGN_SHA = "12"
#pragma CODESIGN_TSSHA1URL =
"http://timestamp.comodoca.com/authenticode"

Also have changed the Time Stamp URL both in the General tab and each
individual call to code signing an exe to
http://timestamp.globalsign.com/?signature=sha2

However when it is run on a Windows 2008 R2 Server (via RDS), the
SHA-1 code sign works fine but then it fails on the SHA-2 with code
"1".

To test the scripts, I installed the trail version of SB onto my
Toshiba laptop which is running Windows 10. Then copied the files
including the SignTool.exe (6.2.9200.16384) to the laptop. Running it
on the laptop everything signs fine.

So the is something about the Win 2008 environment but what. Any
suggestions on what I can look for?


Barton Whisler
(retired<g>)