EV code signing certificate

[Colin]

Hi Friedrich,
Yes, the SafeNet app must be running for the EV dongle to work. It pops up a dialog for me to enter my password. I guess Sectigo did some deal.

Here is my signtool command, latest version as installed with Visual Studio, run from Powershell in administrator mode because of the location of the certificate.

signtool sign /debug /n "VSProwess Ltd" /tr http://timestamp.comodoca.com /td SHA256 /fd SHA256 "D:\vsSource\SetupBuilder\VSProwessX\VSProwessX_se tup_2X.X.exe".

FYI: it is important to check the timestamp was correctly applied. signtool appears to fail silently if the timeserver is not available and eventually you'll discover that your exe unexpectedly has a shelf life.

Thanks for looking at this.

[linder]

Hi Colin,

I checked this with two SetupBuilder developers this morning. They are using Sectigo EV (hardware dongle!!) without any problem.

https://www.churnite.com/knowledge/c...n/SO20695.html

So the one million question is, what causes the issue on your environment...

1. Open SafeNet Authentication Client Tools.
Navigate to Start > Program Files > Safenet > Safenet Authentication Client Tools.
2. Click the Advanced View icon (gold gear).
3. In the menu tree in the left pane, select Client Settings.
4. In the right pane, select the Advanced tab.
5. On the Advanced tab, select the Enable single logon option.
6. Click Save.
7. To activate the single logon feature, log off from the computer and log on again.

Friedrich

[Colin]

Hi Colin,

I checked this with two SetupBuilder developers this morning. They are using Sectigo EV (hardware dongle!!) without any problem.

https://www.churnite.com/knowledge/c...n/SO20695.html

So the one million question is, what causes the issue on your environment...

1. Open SafeNet Authentication Client Tools.
Navigate to Start > Program Files > Safenet > Safenet Authentication Client Tools.
2. Click the Advanced View icon (gold gear).
3. In the menu tree in the left pane, select Client Settings.
4. In the right pane, select the Advanced tab.
5. On the Advanced tab, select the Enable single logon option.
6. Click Save.
7. To activate the single logon feature, log off from the computer and log on again.

Friedrich

Hi Friedrich,
Thanks, it's good to know someone has gotten this to work. I enabled SafeNet single log-on but sadly still no joy. I'll persevere but FYI here is the error message:

Processing Uninstall Code-Signing...
Adding Digital Certificate to Uninstall...
Resolve CSI...
SIGNTOOL
SVER: 10.0.19041.685
EVCS: VSProwess Ltd [6]
SHA2: 1
Compiler error GEN1053: Code signing process failed. Error Code: 1

signtool error code 1 just means that it didn't work. Perhaps include the debug flag in the next version to enable a more useful error message, and also log the expanded signtool command line. Anyway, thanks for looking at this. SetupBuilder is, by the way, an extremely useful tool, much appreciated here. This is the first snag I've hit in almost 10 years of using SB.

Colin