代码签名 - >出版商:未知 - 拥有正确的链条

时间:2012-06-24 14:02:46

标签: authenticode ca signtool

解决!

希望你们能帮忙!

首先关闭。我已经阅读了我在SO上找到的每篇文章,以及MSDN等等。

我正在尝试签署一个installshield exe。

我有一个godaddy代码签名证书,根本没有签署证书的问题。我所遇到的问题是无论我做什么,我都会在其他所有计算机上获得Publisher Unknown。

见下面的输出。

底线:我在签署证书时没有遇到任何问题,但在UAC提示期间无法删除未知的发布商错误(测试计算机可以访问互联网)

另外:如果我在验证时省略了/ kp选项,我得到:SignTool错误:处理了证书链,但终止于信任提供商不信任的根证书。

最终更新: 如果我运行verify / pa / v temp \ setup.exe,我在验证方面取得了成功,但在未知发布上仍然出错。 / kp选项在此符号上使用不正确。

步骤: %SIGNTOOL%sign / v / ac%BUILDROOT %% CERTPATH %% MSCERT%/ f%BUILDROOT %% CERTPATH %% CERT%/ p%CERTPW%/ n“%COMPANY%”/ t%TIMESTAMP %% BUILDROOT %% TEMPPATH %\ SETUP.EXE

输出: 选择了以下证书:     发给:%COMPANY NAME%     发布者:Go Daddy安全证书颁发机构 - G2     到期日:2013年6月22日星期六14:07:27     SHA1哈希:612A38DDED199101442B09D884ED718BBE00D252

交叉证书链(使用机器商店):     颁发给:Microsoft Code Verification Root     发布者:Microsoft Code Verification Root     到期日:周六11月01日09:54:03 2025     SHA1哈希:8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3

    Issued to: Go Daddy Root Certificate Authority - G2
    Issued by: Microsoft Code Verification Root
    Expires:   Thu Apr 15 16:07:40 2021
    SHA1 hash: 842C5CB34B73BBC5ED8564BDEDA786967D7B42EF

        Issued to: Go Daddy Secure Certificate Authority - G2
        Issued by: Go Daddy Root Certificate Authority - G2
        Expires:   Sat May 03 03:00:00 2031
        SHA1 hash: 27AC9369FAF25207BB2627CEFACCBE4EF9C319B8

            Issued to: %COMPANY NAME%
            Issued by: Go Daddy Secure Certificate Authority - G2
            Expires:   Sat Jun 22 14:07:27 2013
            SHA1 hash: 612A38DDED199101442B09D884ED718BBE00D252

完成添加额外商店 已成功签名并加盖时间戳:c:\ build \ temp \ setup.exe

成功签名的文件数:1 警告次数:0 错误数:0

验证

验证:c:\ build \ temp \ setup.exe 文件散列(sha1):62F814EFC81400AD938AB9D9D49B36F7175A098A

签署证书链:     发给:去爸爸根证书颁发机构 - G2     发布者:Go Daddy Root Certificate Authority - G2     到期日:Thu Dec 31 19:59:59 2037     SHA1哈希:47BEABC922EAE80E78783462A79F45C254FDE68B

    Issued to: Go Daddy Secure Certificate Authority - G2
    Issued by: Go Daddy Root Certificate Authority - G2
    Expires:   Sat May 03 03:00:00 2031
    SHA1 hash: 27AC9369FAF25207BB2627CEFACCBE4EF9C319B8

        Issued to: %COMPANY NAME%
        Issued by: Go Daddy Secure Certificate Authority - G2
        Expires:   Sat Jun 22 14:07:27 2013
        SHA1 hash: 612A38DDED199101442B09D884ED718BBE00D252

签名有时间戳:Sun Jun 24 09:57:57 2012 时间戳验证者:     发给:Thawte Timestamping CA     发布者:Thawte Timestamping CA     到期日:Thu Dec 31 19:59:59 2020     SHA1哈希:BE36A4562FB2EE05DBB3D32323ADF445084ED656

    Issued to: VeriSign Time Stamping Services CA
    Issued by: Thawte Timestamping CA
    Expires:   Tue Dec 03 19:59:59 2013
    SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D

        Issued to: Symantec Time Stamping Services Signer - G3
        Issued by: VeriSign Time Stamping Services CA
        Expires:   Mon Dec 31 19:59:59 2012
        SHA1 hash: 8FD99D63FB3AFBD534A4F6E31DACD27F59504021

交叉证书链:     颁发给:Microsoft Code Verification Root     发布者:Microsoft Code Verification Root     到期日:周六11月01日09:54:03 2025     SHA1哈希:8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3

    Issued to: Go Daddy Root Certificate Authority - G2
    Issued by: Microsoft Code Verification Root
    Expires:   Thu Apr 15 16:07:40 2021
    SHA1 hash: 842C5CB34B73BBC5ED8564BDEDA786967D7B42EF

        Issued to: Go Daddy Secure Certificate Authority - G2
        Issued by: Go Daddy Root Certificate Authority - G2
        Expires:   Sat May 03 03:00:00 2031
        SHA1 hash: 27AC9369FAF25207BB2627CEFACCBE4EF9C319B8

            Issued to: %COMPANY NAME%
            Issued by: Go Daddy Secure Certificate Authority - G2
            Expires:   Sat Jun 22 14:07:27 2013
            SHA1 hash: 612A38DDED199101442B09D884ED718BBE00D252

成功验证:c:\ build \ temp \ setup.exe

成功验证的文件数:1 警告次数:0 错误数:0

解决!

问题是exe安装程序中的MSI。 setup.exe文件已签名,但是当解压缩并运行msi内部时,该文件未签名。签了两个,错误就消失了!!!

0 个答案:

没有答案