I have two code signing certificates (one SHA-1, one SHA-256) which I'd like to apply to the same file. I tried to append the SHA-256 certificate, but this fails: :: Signs with the SHA-1 certifica...

If I have a self-signed certificate that is not in the machine's trusted root certificate store, how can I verify that a PE file is Authenticode-signed using that certificate without adding that ce...

We need to verify that binary files are signed properly with digital signature (Authenticode). This can be achieved with signtool.exe pretty easily. However, we need an automatic way that also veri...

We publish an update patch to our software package in a single executable file. The file is signed with an Authenticode digital signature, using the certificate issued to us. The file is downloaded...

We deliver an executable to a client-service which starts this executable in a new process after downloading it from our servers. The executable is signed (authenticode) with the CodeSigning-Certi...

TL;DR Question Does the expiry of the Timestamp Certificate have any bearing on the validity of the signed file (under normal Windows operation)? Preamble The basics of Code Signing and Timestampin...

We recently purchased a DigiCert EV code signing certificate. We are able to sign .exe files using signtool.exe. However, every time we sign a file, it prompts for the SafeNet eToken password. Ho...

When signing my ClickOnce deployment via Visual Studio's project "Signing" settings page I specified our SHA2 (SHA256) EV Authenticode certificate and publish. After publishing and attempting to...

I am currently checking that the digital signature of windows installer files (.msi) is valid in C# using the WinVerifyTrust api. I am also verifying that the thumbprint from the signature is from ...

Universal Windows apps are in .appx file, which is simply a zip of a bunch of files and metadata. Most of the metadata files are extensively documented on the Microsoft website and are trivial to p...

I'm working on a project where we are remotely deploying software using a configuration management, part of which delivers PowerShell scripts to Windows servers, which are then executed in order to...

I am working on deploying a ClickOnce Application build on .NET 4.5 Here are the facts: I have a valid Comodo Authenticode Certificate The certificate is installed in my local cert store The proj...

On Windows, there is Authenticode to sign .NET Core / .NET 5 assemblies (please note that I am not referring to Strong Name Signing which is different). This prevents tampering and guarantees authe...

I recently purchased an authenticode certificate from globalsign and am having problems signing my files for deployment. There are a couple of .exe files that are generated by a project and then pu...

I am writing an assembly information application to be used in our software build process and am trying to read the digital signature information from a signed .Net assembly. I want to do in my C#...

I'm having trouble signing a .NET Standard 2.0 assembly using the Set-Authenticode powershell function as part of an Azure DevOps pipeline. I have written a little bit of powershell to go through a...

I just purchased a code signing cert (MS authenticode) from THAWTE and have installed it apparently on my build machine. I am logged in as a user and when I open a cmd prompt I can sign EXEs using ...

I am trying to authenticode sign a .NET application with a new code signing certificate on Windows Server 2008 R2 x64 with VS2010 installed, but SignTool keeps responding with Access is denied: Si...

So I am signing a binary using signtool from the Windows SDK 8.1: "C:\Program Files (x86)\Windows Kits\8.1\bin\x64\signtool.exe" sign /a /i Symantec /ac C:\utils\MSCV-VSClass3.cer /ph /t "http://t...

I am using a standard (i.e. not EV) Authenticode code signing certificate to sign a Windows desktop application in the hope that Smartscreen Filter will eventually stop blocking it. I was hoping t...

I created an application which comprises a number of *.exe files. I've packaged these up into an NSIS installer which I hosted on my website. When I try to download it Chrome reports it as potentia...

I've been struggling for awhile to amend this code sample from Microsoft that shows (somewhat outdated) way how to retrieve a code signature information from an executable file. It works but it doe...

I'm facing a rather interesting issue in regards to Authenticode signing an UWP appxbundle file. Some background: The client provided us with a SafeNet USB token containing the signing certificate...

We recently tried out digitally signing our .NET binaries. We have a Windows Service which typically starts up within 10 seconds. However after we started digitally signing it, the time increased t...

I've a build script which signs a file with a digital certificate (Microsoft Authenticode). I want to create a test script which checks that the file is successfully signed. It's sufficient with a ...