You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I encountered a problem with signing .app files using signtool.exe after switching to a new code signing certificate. Previously, I used a .pfx file locally, but since transitioning to the new setup, signtool successfully signs .dll and other file types, but fails with .app files.
I am using the Install-NAVSipCryptoProviderFromNavContainer to get the NavSip.dll file but still get the same issue. I've also updated the ContainerHelper library and tried with different versions of SDK.
Scripts used
# Define variables
$containerName = "dev2"
$signtoolPath = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.20348.0\x86\signtool.exe"
$timestampUrl = "http://ts.ssl.com"
$certThumbprint = "[CERTIFICATE THUMBRINT]"
$appFilePath = "C:\temp\sign\test.app"
# Step 1: Install the required NAVSipCryptoProvider from the specified container
Install-NAVSipCryptoProviderFromNavContainer -containername $containerName
# Step 2: Use Invoke-Expression to run signtool.exe with the defined variables
Invoke-Expression "& '$signtoolPath' sign /fd sha256 /tr $timestampUrl /td sha256 /sha1 $certThumbprint '$appFilePath'"
Full output of scripts
Copy SIP crypto provider from container dev2
Copy from container dev2 (C:\Windows\System32\NavSip.dll) to C:\Windows\System32\NavSip.dll
Copy from container dev2 (C:\Windows\SysWow64\NavSip.dll) to C:\Windows\SysWow64\NavSip.dll
Cannot find path 'C:\Windows\SysWow64\NavSip.dll' because it does not exist.
Container Free Physical Memory: 15.4Gb
Disk C: Free 121Gb from 127Gb
Services in container dev2:
C:\Windows\SysWow64\NavSip.dll doesn't exist.
C:\Windows\System32\NavSip.dll successfully registered.
Done Adding Additional Store
Number of errors: 1
signtool.exe : SignTool Error: This file format cannot be signed because it is not recognized.
At line:1 char:1
+ & 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.20348.0\x86\signto ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (SignTool Error:...not recognized.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
SignTool Error: An error occurred while attempting to sign: C:\temp\sign\test.app
...
The dev2 container is using insider version BC 24.6.24915.0.
The text was updated successfully, but these errors were encountered:
If you have the certificate in Azure KeyVault - you can use dotnet sign.
You can also use signtool - but none of these options are (or will be) supported from BcContainerHelper.
I encountered a problem with signing .app files using signtool.exe after switching to a new code signing certificate. Previously, I used a .pfx file locally, but since transitioning to the new setup, signtool successfully signs .dll and other file types, but fails with .app files.
I am using the Install-NAVSipCryptoProviderFromNavContainer to get the NavSip.dll file but still get the same issue. I've also updated the ContainerHelper library and tried with different versions of SDK.
Scripts used
Full output of scripts
The dev2 container is using insider version BC 24.6.24915.0.
The text was updated successfully, but these errors were encountered: