+ Reply to Thread
Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19

Thread: Cannot use codesigning with in cloud certificate

  1. #11
    Unregistered Guest

    Default Re: Cannot use codesigning with in cloud certificate

    Hi Friedrich
    I have received the yubikey and certificate. Apparently they do not make the .key files downloadable anymore. How do I set this up in my install script, as I have the crt, pem, p7b and der files. I have created an spc file, but cannot create a pvk and pfx file without the .key file. I tried entering in just the spc file in the credentials file (and leaving the pvk and pfx files and the password field blank), but I get:
    Compiler error GEN1053: Code signing process failed. Error Code: 1
    I can successfully sign the exes and dlls using signtool - or scsigntool with the pin for the yubikey as a parameter. So I'm comfortable that the signing works. I'm not sure what to do with Setupbuilder though.

  2. #12
    Join Date
    Mar 2004
    Posts
    4,326

    Default Re: Cannot use codesigning with in cloud certificate

    Hi Geoff,

    I'll send you a private e-mail. We have completely revamped code-signing in SetupBuilder 2025 to support all kinds of certificates (hardware token, cloud, Microsoft Trusted Signing).

    Friedrich

  3. #13
    Join Date
    Nov 2007
    Location
    Malone, NY
    Posts
    80

    Default Re: Cannot use codesigning with in cloud certificate

    Responding to/Updating my initial post -
    The signtool is working in that I can sign the generated setup program.
    I use this command line -
    "F:\path\...\signtool.exe" sign /sha1 "<mythumbprint>" /tr http://time.certum.pl /td sha256 /fd sha256 /v PathToTheExe

    I can see the certificate in the properties of the Setup exe
    -BUT-
    This install integrity check fails.
    I guess because the certificate is a change made to the exe

    - I am using Simply Sign by Asseco distributed from Certum which is working for other exes

    For now I am sending unsigned Installer to a small client who doesn't notice, but I don't think they will be accepted by more security-conscious clients.

    Thanks
    coffee.cup not found. Programmer halted.

  4. #14
    Join Date
    Nov 2007
    Location
    Malone, NY
    Posts
    80

    Default Re: Cannot use codesigning with in cloud certificate

    Hi Friedrich,
    I just realized that I replied to myself instead of you.
    coffee.cup not found. Programmer halted.

  5. #15
    Join Date
    Mar 2004
    Posts
    4,326

    Default Re: Cannot use codesigning with in cloud certificate

    Hi,

    I am also using Certum and Simply Sign...

    Name:  evcs_2.png
Views: 43
Size:  58.8 KB

    I am doing the above with my Certum EV in the cloud certificate… “Issued to” is “Friedrich Linder”, so EVCS://Friedrich Linder. You have to find out what your “Issued to” is.

    In SB2025 you’ll be able to use the thumbprint value here, but in 2019.7 you have to use EVCS.

    Friedrich

  6. #16
    Join Date
    Mar 2004
    Posts
    4,326

    Default Re: Cannot use codesigning with in cloud certificate



    Friedrich

  7. #17
    Join Date
    Nov 2007
    Location
    Malone, NY
    Posts
    80

    Default Re: Cannot use codesigning with in cloud certificate

    Thanks! I'll try that and let you know what happens.
    coffee.cup not found. Programmer halted.

  8. #18
    Join Date
    Nov 2007
    Location
    Malone, NY
    Posts
    80

    Default Re: Cannot use codesigning with in cloud certificate

    Well, here's what happened.
    With some changes to where the signtool exe is located, and my certificate being an OV rather than an EV (which made me a little nervous), my browser caching the test file.

    It all worked perfectly.
    Thanks so much, Friedrich. I'm sending an email about the update right now.
    coffee.cup not found. Programmer halted.

  9. #19
    Join Date
    Mar 2004
    Posts
    4,326

    Default Re: Cannot use codesigning with in cloud certificate

    Quote Originally Posted by ccordes View Post
    It all worked perfectly.
    Thanks so much, Friedrich. I'm sending an email about the update right now.
    PERFECT!!! Thanks so much for the good news

    Friedrich

+ Reply to Thread

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •