Good day,
I have received a p7s file, but are struggling to convert it to be used with microsoft’s signtool.
Trying on Mac: I’ve imported the file into “Keychain Access”. But right-clicking “Export”, does not allow me to export to a p12 file, only to a “cer”, "pem, “p7b”.
Trying on Windows 7: I’ve open the p7s with certmgr, from there I select the certificate right-click “Export” choose PFX and enter my password. And the pfx file is created. But I cannot seem to get it to work with signtool utility.
I’ve tried the following command:
signtool.exe sign /f ProsenseComodo.pfx /p /d “Prosense Technology” /t http://timestamp.comodoca.com/authenticode /a myprogram.msi
SignTool Error: No certificates were found that met all the given criteria.
signtool.exe sign /f ProsenseComodo.pfx /p /csp “Microsoft Strong Cryptographic Provider” /k “” /d “Prosense Technology” /t http://timestamp.comodoca.com/authenticode myprogram.msi
SignTool Error: Multiple certificates were found that meet all the given
criteria. Use the /a option to allow SignTool to choose the best
certificate automatically or use the /sha1 option with the hash of the
desired certificate.
The following certificates meet all given criteria:
Issued to: COMODO Code Signing CA 2
Issued by: UTN-USERFirst-Object
Expires: 5/30/2020 12:48:38 PM
SHA1 hash: B64771392538D1EB7A9281998791C14AFD0C5035
Issued to: Prosense Technology
Issued by: COMODO Code Signing CA 2
Expires: 12/19/2015 1:59:59 AM
SHA1 hash: AFDB7378EEAE06E6235F9AA6ACD24A22FC598CE2
Issued to: UTN-USERFirst-Object
Issued by: AddTrust External CA Root
Expires: 5/30/2020 12:48:38 PM
SHA1 hash: 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Number of errors: 1
I then choose the /a option, but I do not know the private key container, so this also fails.
Can someone please advise me on the path to follow to get my msi signed?
Regards,
Magda