We need to dual sign our binaries with SHA1 and SHA2 using signtool.exe, our certificate supports 256-bit SHA2. Using the Windows 8 SDK's signtool: e.g.: signtool.exe sign /as /fd sha256 /t http...

I am trying to write code that reads signatures (certificates) from DLLs or and EXEs. Most DLLs or EXEs have only one signature, and my code reads all certificates associated with this signature co...

I have an Authenticode certificate (.pfx) which I use to sign executables. How can I configure Team Build so that it signs every single executable (.exe, .dll, ...) automatically while building th...

I am looking for a method, using PowerShell only, to list the certificate chain for signed files. Specifically to get the Root certificate. As I need to get a list of which Non-Microsoft root cert...

There are many sites that explain how to run signtool.exe on a .pfx certificate file, which boil down to: signtool.exe sign /f mycert.pfx /p mypassword /t http://timestamp.server.com \ /d "My des...

Trying to get my head around authenticode code-signing and strong-naming. Am I right in thinking that if I code-sign an exe that references a few dlls (not strong named) that a malicious user coul...

I wish to parse and display the contents of an Authenticode PKCS#7 signature as extracted from a Window PE binary's Security Directory. I can use OpenSSL to do this on the command line with "opens...

I created a wix bundle which was working properly before codesigning. After googling and checking wix documentation, I got to know that I need to use insignia.exe for code signing the wix bundle. P...

I am running SignTool with the following command: signtool sign /f keyfile.pfx /p mypassword pathToMsiFile.msi and i get the following error: SignTool Error: An unexpected internal error has occ...

I am getting a code signing certificate for my open source projects. I have a couple of questions about them: Being a unregistered company that develops open source projects, is there a way...

All right, I'm not doing something right, and I need some help. Here's what's happening: I have a "real" Authenticode certificate from Comodo that I have paid for. I'm trying to sign and deploy a...

I'm trying to resolve WiX RemotePayload hashes, but I'm not sure how the CertificatePublicKey attribute is found. Take, for example, the .NET 4.0 Package definition from WiX 3.6 sources: <Fra...

Is it acceptable practice to install an Authenticode code signing certificate directly on a build server to create a production signed build? I’m looking for some resources on the net that suggest ...

My company purchased a Driver Signing Certificate from Go Daddy. I used it to sign a simple INF file that is a driver for some of our USB devices that use Microsoft's usbser.sys. Everything seems t...

In my C#/.NET application I have to check if a given executable is digitally signed (preferably without Exception testing.) Then I need to check if its certificate is valid (based on installed ro...

I'm trying to write a C# program that verifies the digital signature of exe's. The exe's are signed with an authenticode certificate, and I want to detect tampering. I've been able to create a Sig...

I'm using CAPICOM in a .NET 3.0 C# app to check an Authenticode signature on an exe file. I need to make sure that the certificate is listed as a Trusted Publisher. Using signedCode.Verify(true) wi...

It is a good practice to always sign executable files (exe, dll, ocx, etc.). On the other hand, with an open source project it may considered disregarding the contributions to the project from all ...

I have a C++ Windows app. I sign our installer and my executable, but I don't currently sign my DLLs (such as zlib1.dll). It is not a big deal to sign those as well, but can someone explain what th...

I am implementing an automatic update feature and need some advice on how to do this securely using best practices. I would like to use the downloaded file's Authenticode signature to verify that i...

Having read about strong names in .NET here, for example, I have the following question: We have an Authenticode code signing certificate with which we sign all our EXE, DLL and MSI files. The ben...

I'm getting a very odd result when running an executable that has been digitally signed. The executable was signed using signtool.exe using a proper level 2 code signing certificate (not self-gene...

I feel like I'm missing something obvious here, but I don't see it written anywhere. I sign my executables using an Authenticode certificate, but as I've started to learn a bit more about it, I am...

I'm trying to sign an ActiveX control with a code signing certificate issued by Thawte. I was able to successfully sign the control using signtool.exe. When I look at the file properties, it says ...

I'm looking for the convenient signwizard in signtool.exe but cannot find it anymore in the Windows SDK 7.0. Is it in a separate tool now or is there only the CLI left?