This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ssglogic
Level 4
‎Feb 22, 2021 06:48 AM

Sectigo Code signing

In such a large community which is Live for so many years, there is no one using Sectigo code signing successfully ?

 

If there is one - Kindly tell me - what is the timestamp server you are using in Install shield ?

Labels (1)
Labels
0 Kudos
(2) Replies
banna_k
Revenera
Revenera
‎Apr 25, 2022 10:19 AM

@ssglogic 

Can you try the below time stamp server. 

http://timestamp.sectigo.com

Reference : https://sectigo.com/faqs/detail/Signing-with-an-Extended-Validation-Code-Signing-Certificate/kA03l000000c4TX

0 Kudos
ssglogic
Level 4
In response to banna_k
‎Apr 26, 2022 12:12 AM

simply http://timestamp.sectigo.com does not work.

It even stops me in signing.

If I say -

<DigitalSignature TimestampRFC3161 = "http://timestamp.sectigo.com"/>

Then it allows me to sign the files - but does not time stamp.

I believe, if the above statement can be modified to do timestamp also - many will be benefited.

For the time being - I do time stamping of the setup.exe outside using signtool.

One need to also be aware that the manifest files should have sha256 instead of sha1 - whether it is IS manifests or application manifests.

 

Hope this will help others.

0 Kudos