已签名和带时间戳的可执行文件执行失败,并且未显示正确的详细信息
[英]Signed and Time stamped Executable failed executing and does not show proper details
问题描述
Please note that this issue is only applicable for Windows Server 2008 SP2 
请注意,此问题仅适用于Windows Server 2008 SP2
I have developed one windows application. 我开发了一个Windows应用程序。 Prior distributing it I have signed and time stamped it using SHA1 and SHA256. 在分发之前,我已使用SHA1和SHA256对其进行了签名和时间戳。 This application is formed with multiple DLLs. 此应用程序由多个DLL组成。 I am signing each DLL during build process. 我在构建过程中签署每个DLL。 I have used certificate from VeriSign. 我使用过VeriSign的证书。 At the time of execution, when application is launched it verify the signature and time stamp of each DLL to ensure integrity using WinVerifyTrust API. 在执行时,启动应用程序时,它会验证每个DLL的签名和时间戳,以确保使用WinVerifyTrust API完整性。 I am getting "E_CERT_EXPIRED - Signer's Certificate was expired" error during validation. 验证期间我收到“E_CERT_EXPIRED - 签名者证书已过期”错误。
Also, I am not able to see the time stamping details in property page of the executable. 此外,我无法在可执行文件的属性页中看到时间戳细节。 Please see below - 请看下面 -
Now, that certificate is expired but according to this SO article What happens when a code signing certificate expires? 现在,该证书已过期但根据此SO文章代码签名证书到期时会发生什么? . 。 The executable should run perfectly without any problem. 可执行文件应该完美运行没有任何问题。
I have also checked for this KB suspecting the cause but fix related to this KB is already applied. 我还检查了这个KB怀疑原因,但已经应用了与此KB相关的修复。 Can anybody share more light on this? 任何人都可以分享更多的亮点吗?
1 个解决方案
解决方案1
1 2017-10-19 19:36:42
You cannot sign with expired certificate, it not works (you see results yourself). 你不能用过期的证书签名,它不起作用(你自己看到结果)。 What you can do is to sign with valid certificate and then signed application will not expire because of valid timestamp at the time of signing. 您可以做的是使用有效证书进行签名,然后签名的应用程序将因签名时的有效时间戳而不会过期。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.