Stack Overflow
Stack Overflow

Questions tagged [signtool]

The SignTool tool is a command-line tool that digitally signs files, verifies signatures in files, or time stamps files.

The SignTool tool is a command-line tool that digitally signs files, verifies signatures in files, or time stamps files. For information about why signing files is important, see Introduction to Code Signing. The tool is installed in the \Bin folder of the Microsoft Windows Software Development Kit (SDK) installation path.

SignTool is available as part of the Windows SDK, which you can download.

342 questions
4
votes
2 answers

Is there an open source alternative to signtool from Microsoft to sign exes with sha2?

We need to sign Windows software with sha2 algorithm but installing signtool seems to be a problem, since I am having difficulties to install the software on my machines. Moreover, I would like to sign the exes on linux. We used to perform the task…
user1102074
  • 59
  • 1
  • 7
4
votes
1 answer

Resolve "the signature of foo.exe is corrupt or invalid" in IE

When users try and download my installer, after download is complete, IE11 on Windows 10 presents the error "the signature of foo.exe is corrupt or invalid" Signtool reports the signature to be valid. Microsoft confirms a bug in IE9 and IE10 could…
Roland Rabien
  • 8,750
  • 7
  • 50
  • 67
4
votes
3 answers

SignTool Error: No certificates were found that met all the given criteria

It's been 2 full days that I'm trying to sign my exe using SignTool and kSign. I bought a SSL certificate from COMODO for my domain (used for https on apache). Now I'm trying to sign my exe using the same certificate and the same private key used.…
ademers
  • 967
  • 3
  • 15
  • 24
4
votes
1 answer

How does Windows link a pe file to its signature in a catalog file?

Running signtool.exe verify /a /v C:\Windows\notepad.exe I can see the signature for notepad.exe is in C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntexe.cat. How does signtool know that is where the signature exists for this…
vfxGer
  • 311
  • 3
  • 12
3
votes
1 answer

Unable to sign code with code-signing certificate

We purchased the Microsoft Authenticode certificate from Thawte. Now I have it in a PFX file. I try the following: D:\sign>signtool sign /f ./cert/cert.pfx /p mypass /t http://timestamp.verisign.com/scripts/timstamp.dll "mySetup.exe" Done Adding…
WindBridges
  • 693
  • 2
  • 11
  • 23
3
votes
2 answers

C#: How to detect tampering of authenticode signed file

I'm trying to write a C# program that verifies the digital signature of exe's. The exe's are signed with an authenticode certificate, and I want to detect tampering. I've been able to create a SignedCms instance as described here: Get timestamp from…
user974839
  • 31
  • 1
  • 2
3
votes
1 answer

How is SafeNet eToken 5110 different from SafeNet eToken 5100?

My EV code signing certificate is expiring, and I'm thinking about changing provider. However the new provider(Trust zone) is providing a SafeNet eToken 5100, the one I have now is a SafeNet eToken 5110. My questions are these: What are the…
DaniFlex
  • 31
  • 5
3
votes
3 answers

SignTool: can't sign XLSM (DOCM)

I have a litte problem with Microsoft SignTool.exe. I have installed Windows 10 SDKs and Office SIPs to support macro enabled documents. Then I followed readme to activate dlls and made all the changes, including: Installed - Microsoft Visual C++…
Dmytro
  • 372
  • 2
  • 12
3
votes
1 answer

Signing (in Inno Setup) with SignTool fails with "SignTool Error: Invalid command: /d"

I had to replace my C drive and I just set up Inno Setup sign tools again. My signtool value is: "C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x64\signtool.exe" $p It was failing so I tried at the command line: "C:\Program Files…
Andrew Truckle
  • 17,769
  • 16
  • 66
  • 164
3
votes
0 answers

How to make publisher known in setup.exe as UAC already recognizes it?

Although there are plenty of code signing and click once deployment questions out there, I could not find something that matches my scenario. The setup.exe is signed properly, as it seems. When I execute it as an admin (to force UAC to appear), it…
Igor Kondrasovas
  • 1,479
  • 4
  • 19
  • 36
3
votes
1 answer

Automatically signing ALL compiled output files

I have a .net-core 3.1 project (Microsoft.NET.Sdk.Web) in gitlab, and am setting up a CI/CD pipeline for it. As the final step, I want to have all the .dll and .exe output files signed by our key. I can do this by manually putting in some…
Alex Ray
  • 71
  • 1
  • 5
3
votes
0 answers

Add intermediate certificates to signatures in signtool

I'm trying to sign an executable using Microsoft's signtool.exe The private key lives in an HSM and can not be taken out. So, i had to get the "public" part of the certificate in a .cer file and used below command to sign signtool.exe sign /v /f…
GAR
  • 81
  • 4
3
votes
1 answer

Signtool.exe succeeds but zero signatures are added to the file

I'm writing a custom CNG provider (Key Storage Provider) to allow signing using our private HSM API in Signtool.exe I implemented the APIs in my CNG provider and successfully installed in my Windows 10 system. Command: signtool.exe sign /v /debug /f…
GAR
  • 81
  • 4
3
votes
1 answer

AzureDevops Build Pipeline SignToolPath

The error message when running the msbuild.exe command in the pipeline: Error MSB3482: An error occurred while signing: SignTool.exe was not found at path D:\Agent_work\16\s\My.App\signtool.exe. But in the MSBuild Parameters I specified the…
Matthias Herrmann
  • 2,650
  • 5
  • 32
  • 66
3
votes
1 answer

UWP - SignTool Error: No certificates were found that met all the given criteria

I'm getting this error after our company changed its AD domain. UWP app development with VS 2019 and Windows 10 (1903) C:\Program Files (x86)\Microsoft Visual…
SurenSaluka
  • 1,534
  • 3
  • 18
  • 36
1 2 3
22 23