Stack Overflow
Stack Overflow

Questions tagged [signtool]

The SignTool tool is a command-line tool that digitally signs files, verifies signatures in files, or time stamps files.

The SignTool tool is a command-line tool that digitally signs files, verifies signatures in files, or time stamps files. For information about why signing files is important, see Introduction to Code Signing. The tool is installed in the \Bin folder of the Microsoft Windows Software Development Kit (SDK) installation path.

SignTool is available as part of the Windows SDK, which you can download.

342 questions
7
votes
2 answers

signtool Dual Signing Failure

Question concerning a failure I'm having when attempting to dual sign with SHA1/SHA256. I've had a SHA256 code signing certificate for a few years now, but before the new year (2016), I started using /fd SHA256 for the hashing algorithm to be…
Jay Schwegler
  • 125
  • 1
  • 5
7
votes
1 answer

How to list all signatures with signtool.exe while verifying against the kernel signing policy

So I am signing a binary using signtool from the Windows SDK 8.1: "C:\Program Files (x86)\Windows Kits\8.1\bin\x64\signtool.exe" sign /a /i Symantec /ac C:\utils\MSCV-VSClass3.cer /ph /t "http://timestamp.verisign.com/scripts/timstamp.dll"…
0xC0000022L
  • 20,597
  • 9
  • 86
  • 152
7
votes
2 answers

SignTool error when signing AppX file: "Error: SignerSign() failed." (-2147024693/0x800700cb)

I am creating an Appx package using makeappx.exe and then try to sign it using SignTool.exe. The error I get from SignTool is: "Error: SignerSign() failed." (-2147024693/0x800700cb) The certificate I am using is created by me following…
Dorel Pîslan
  • 106
  • 1
  • 1
  • 4
7
votes
2 answers

How to dual sign a dll with a certificate?

We need to sign a dll file with SHA1 & SHA2 (to obtain prior to Win XP SP3 signing cert with SHA1 and post Win XP SP3 OS's with highest security of SHA2). I found an article that says to do something like the below, but I can't get it to work (show…
Japster24
  • 1,486
  • 3
  • 21
  • 23
7
votes
1 answer

How to sign manually an exe file with developer licence for Windows 8 RT

I make an exe file for Windows 8 RT. But when I want to run, show an error message: "Windows cannot verify the digital signature for this file. ..." I get a developer licence for windows 8 RT. With this license visual studio 2012 can remotely…
A.Danesh
  • 844
  • 11
  • 40
6
votes
5 answers

SignTool unexepected internal error

I am running SignTool with the following command: signtool sign /f keyfile.pfx /p mypassword pathToMsiFile.msi and i get the following error: SignTool Error: An unexpected internal error has occurred. Error information: "Error:…
ravyoli
  • 698
  • 6
  • 13
6
votes
1 answer

Sign multiple files with signtool.exe

I have a digital cert bought from a third-party CA and I wanted to use it to sign software with a large number of library files/packages (.bpl). However, signing them one by one takes a lot of time and I am wondering is there any ways to allow me to…
Leong
  • 229
  • 2
  • 11
6
votes
2 answers

How to specify location of signtool.exe in Azure DevOps?

While trying to sign an application compiled and published from Azure Devops using the Visual Studio Build task, I'm getting the following error message: An error occurred while signing: SignTool.exe was not found at path e:\
Kjartan
  • 18,591
  • 15
  • 71
  • 96
6
votes
1 answer

Signtool.exe /dg /ds /di options and timestamping

We are working on optimizing the digital signing process using the signtool.exe digest options. So far the workflow looks like this: Create the digest on the client: signtool.exe sign /f cert /fd sha256 /dg . MyFile.dll Send MyFile.dll.dig digest…
Alex I
  • 2,078
  • 3
  • 18
  • 24
6
votes
0 answers

signtool.exe sometimes cannot use certificate due to private key filter

On our build servers we use signtool.exe to sign our artifacts. The same arguments are passed to signtool.exe each time, but it fails or passes sporadically due to our certificate not being used because of a "private key filter". We have been using…
dfrank
  • 71
  • 1
  • 4
6
votes
3 answers

"Invalid SHA1 hash format" error calling signtool from msbuild or command line

I am trying to sign my assemblies and setup files during project build using SignTool.exe. Following this answer I wanted to use the /sha1 option so that I don't need to specify the certificate password. However, when I do this I am getting an…
kjbartel
  • 10,381
  • 7
  • 45
  • 66
6
votes
1 answer

Verify Authenticode of an exectuable with C# .NET 4.0

We deliver an executable to a client-service which starts this executable in a new process after downloading it from our servers. The executable is signed (authenticode) with the CodeSigning-Certificate of our company and now i'd like to verify,…
Sven Eppler
  • 1,646
  • 1
  • 15
  • 26
6
votes
2 answers

Using EV Certificate With ClickOnce

My company purchased an EV Certificate from Symantec to use for a software product we produce. Specifically it is called: Symantec Class 3 Extended Validation Code Signing CA – G2. To develop and build this product we use Visual Studio 2013, and we…
Drew Stoddard
  • 297
  • 3
  • 12
6
votes
2 answers

What happened to signwizard in signtool of Windows SDK 7.0?

I'm looking for the convenient signwizard in signtool.exe but cannot find it anymore in the Windows SDK 7.0. Is it in a separate tool now or is there only the CLI left?
Marc
  • 9,012
  • 13
  • 57
  • 72
6
votes
3 answers

"The certificate in the signature cannot be verified" for Thawte certificate

I need to sign Application.exe file with the certificate that is stored in company.pfx. So, i used signtool: signtool.exe sign /p password /f company.pfx /t http://timestamp.verisign.com/scripts/timestamp.dll /v Application.exe The following…
cctor
  • 91
  • 1
  • 1
  • 7
1 2 3
22 23