如何解决无法使用 HSM 上的 EV 代码签名证书对 MSI 文件进行签名
我们使用 EV 代码签名证书设置了云 HSM。
对于签名,我们使用:
- Windows Server 2019,版本 1809,x64
- Windows 套件 10,版本 10.0.19041.0
我能够对驱动程序、.exe 文件和其他文件进行签名。 问题是当我尝试对 .MSI 文件的安装程序进行签名、使用 WiX 构建并嵌入了 cab 时。 使用命令:
signtool.exe sign /debug /v /s My /n "CERT_NAME_HERE" /ac .\digicert-high-assurance-ev.crt /as /fd sha256 Setup.msi
这个输出根本没有帮助:
The following certificates were considered:
Issued to: -
Issued by: DigiCert EV Code Signing CA (SHA2)
Expires: -
SHA1 hash: -
After EKU filter,1 certs were left.
After expiry filter,1 certs were left.
After Subject Name filter,1 certs were left.
After Private Key filter,1 certs were left.
The following certificate was selected:
Issued to: -
Issued by: DigiCert EV Code Signing CA (SHA2)
Expires: -
SHA1 hash: -
Cross certificate chain (using machine store):
...
The following additional certificates will be attached:
Issued to: DigiCert High Assurance EV Root CA
Issued by: Microsoft Code Verification Root
Expires: -
SHA1 hash: -
Issued to: DigiCert EV Code Signing CA (SHA2)
Issued by: DigiCert High Assurance EV Root CA
Expires: -
SHA1 hash: -
Done Adding Additional Store
SignTool Error: This file format cannot be signed because it is not recognized.
SignTool Error: An error occurred while attempting to sign: Setup.msi
Number of files successfully Signed: 0
Number of warnings: 0
Number of errors: 1
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
