I got the certificate today, and exported it from Internet Explorer into a .PFX file, password-protected. No problems.
I downloaded the latest Micrsoft Dev SDK for Vista (to get the latest version of Signtool.exe). I signed a test file with the following command:
D:\Progs>signtool.exe sign /f our.pfx /p [my cert password] /t Timestamp Server And Stamping Protocols | Sectigo® Official testfile.dll
That gives the following output:
–
Done Adding Additional Store
Successfully signed and timestamped: testfile.dll
So, that looks fine. Then, to verify, I run:
D:\Progs>signtool.exe verify /a /v testfile.dll
that gives the following output:
–
Verifying: testfile.dll
Unable to verify this file using a catalog.
SHA1 hash of file: EDC32B6C13164A164CC161DC56CCC746F33546A0
SignTool Error: A certificate chain processed, but terminated in a root
certificate which is not trusted by the trust provider.
Signing Certificate Chain:
Issued to: UTN-USERFirst-Object
Issued by: UTN-USERFirst-Object
Expires: 7/9/2019 1:40:36 PM
SHA1 hash: E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Issued to: Smaller Animals Software, Inc
Issued by: UTN-USERFirst-Object
Expires: 2/16/2009 6:59:59 PM
SHA1 hash: 5E1293B0F89DBB781173DEEDDD323F87E14377ED
The signature is timestamped: 2/17/2008 3:59:04 PM
Timestamp Verified by:
Issued to: UTN-USERFirst-Object
Issued by: UTN-USERFirst-Object
Expires: 7/9/2019 1:40:36 PM
SHA1 hash: E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Issued to: Comodo Time Stamping Signer
Issued by: UTN-USERFirst-Object
Expires: 5/16/2010 6:59:59 PM
SHA1 hash: 95B2B8E34EB2CB768144ED07433EF0A3AFCAEEC0
SignTool Error: File not valid: testfile.dll
Number of files successfully Verified: 0
Number of warnings: 0
Number of errors: 1
I’ve run the root update and installed the Comodo Code Signing CA.
Any ideas what’s going on ?