SignTool Error: The specified algorithm cannot be used or is invalid

I am trying to use Visual Studio 2012 Express to sign my appx file for a Windows Store app, but get the following error:

SignTool Error: The specified algorithm cannot be used or is invalid

I am running the process through the STORE->Create App Packages menu, so I don't have direct access to the parameters for SignTool.

At first I thought it was because it was using a self-signed certificate from one of our other developers, so I changed to use our real certificate and still have the same problem.

Any ideas what could cause this and how to fix it?

EDIT: Suspected that the issue was that our normal certificate didn't support SHA-256, so I created a new test certificate in Visual Studio, but got the same result.

EDIT2: Verified that the hash algorithm in my appx package is SHA256, tried to run SignTool manually with the following command:

SignTool sign /a /f My_TemporaryKey.pfx /fd SHA256 /v /debug MyAppPackage.appx

Same error, no helpful information in the console messages.

Proconsulate answered 2/9, 2014 at 20:17 Comment(1)
Have bumped into the same problem... have you found any solution or workaround? - Moulin
5

I used an older version of signtool.exe.

Update the path in the environment variable to the older one.

Not working

"C:\Program Files (x86)\Windows Kits\10\bin\10.0.22000.0\x64"

Working

"C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x64"
Stomy answered 11/4, 2022 at 11:3 Comment(1)
I got it working when I switched to an older version. Thanks - Alluring
0

This happens when the certificate is not installed on the PC where you are trying to sign the application.

Install the .pfx file on the PC and then try to sign your application again. To install it, right-click on the certificate and click on Install. Then follow the procedures to install it on your local computer.

Counterfactual answered 8/7, 2019 at 4:36 Comment(0)
0

In my case, after dozens of successful executable file signatures using the current company certificate on a legacy Windows XP development machine, I started getting the same error, which seems misleading.

To overcome it, I had to change my usual timestamp server, which is SignTool's optional parameter /t or /tr, as suggested by Daniel Georgiev. In this case, I chose http://timestamp.comodoca.com

The solution, since I usually import the company's certificates into my Windows User Certificates Store (*), was as follows.

(*) After importing your certificate, there's no need to specify the .pfx anymore during the signing process.

Signtool.exe sign /t http://timestamp.comodoca.com /a /n "FileToBeSigned.exe" /v "MyExeFullPath" 

In case it still fails, I suggest you check this comprehensive list of Alternative Timestamp Servers

Sagittarius answered 9/5, 2020 at 23:0 Comment(0)
