Visual studio 2008 已签名/已验证的.exe提供未知发布者
Visual Basic Express 2008,开发了vb.net数据库应用程序。在Win7 x64 PC上 我更改了构建配置。管理器到平台:x86,因此.exe同时在x86和x64机器上运行。最后一个答案是: 从Symantec/Verisign购买MS Authenticode证书,收到证书,安装在浏览器中。已将证书从浏览器导出到.pfx。在VS属性/签名选项卡中,选中签名程序集,然后导航到.pfx 生成后,使用signtool对.exe进行签名Visual studio 2008 已签名/已验证的.exe提供未知发布者,visual-studio-2008,code-signing,Visual Studio 2008,Code Signing,Visual Basic Express 2008,开发了vb.net数据库应用程序。在Win7 x64 PC上 我更改了构建配置。管理器到平台:x86,因此.exe同时在x86和x64机器上运行。最后一个答案是: 从Symantec/Verisign购买MS Authenticode证书,收到证书,安装在浏览器中。已将证书从浏览器导出到.pfx。在VS属性/签名选项卡中,选中签名程序集,然后导航到.pfx 生成后,使用signtool对.exe进行签名 signtool.exe sign /a
signtool.exe sign /ac "c:\users\me\desktop\debugv6\winCert.cer" /s MY /t http://timestamp.verisign.com/scripts/timestamp.dll /n "Our Company Inc." /v c:\users\me\desktop\debugv6\db.exe
The following certificate was selected:
Issued to: Our Company Inc.
Issued by: VeriSign Class 3 Code Signing 2010 CA
Expires: 7/31/2014 6:59:59 PM
SHA1 hash: xxlongStringxx
Done Adding Additional Store
Attempting to sign: c:\users\me\desktop\debugv6\db.exe
Successfully signed and timestamped: c:\users\me\desktop\debugv6\db.exe
Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
然后使用signtool进行验证
signtool.exe verify /pa /v c:\users\me\desktop\debugv6\db.exe
Verifying: c:\users\me\desktop\debugv6\db.exe
SHA1 hash of file: xxlongStringxx
Signing Certificate Chain:
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: 7/16/2036 6:59:59 PM
SHA1 hash: xxlongStringxx
Issued to: VeriSign Class 3 Code Signing 2010 CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: 2/7/2020 6:59:59 PM
SHA1 hash: xxlongStringxx
Issued to: Our Company Inc.
Issued by: VeriSign Class 3 Code Signing 2010 CA
Expires: 7/31/2014 6:59:59 PM
SHA1 hash: xxlongStringxx
The signature is timestamped: 7/31/2013 4:18:46 PM
Timestamp Verified by:
Issued to: Thawte Timestamping CA
Issued by: Thawte Timestamping CA
Expires: 12/31/2020 6:59:59 PM
SHA1 hash: xxlongStringxx
Issued to: Symantec Time Stamping Services CA - G2
Issued by: Thawte Timestamping CA
Expires: 12/30/2020 6:59:59 PM
SHA1 hash: xxlongStringxx
Issued to: Symantec Time Stamping Services Signer - G4
Issued by: Symantec Time Stamping Services CA - G2
Expires: 12/29/2020 6:59:59 PM
SHA1 hash: xxlongStringxx
Successfully verified: c:\users\me\desktop\debugv6\db.exe
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
问题
从WinXP 32位系统启动.exe时,我得到了发布者:我们公司。太棒了。
但是当从一些Win7 x64机器启动时,我得到了publisher:Unknown
任何人都有这个问题。以前
谢谢 简短回答
VeriSign有两个†路径用于其当前代码签名证书。我们使用G5作为根。另一种(更兼容)使用G5作为中间体。解决方案不仅是添加二级中间层(正如您已经做的那样),还包括一级中间层:.长答案检查有问题机器上的证书存储是否找到根(VeriSign G5),例如,使用Start»Execute»mmc.exe»菜单文件»add Snap in»证书(计算机,本地)»添加»受信任的第三方证书。如果没有,我知道这五种备选解决方案:备选方案A(在有问题的机器上)
(它安装了几个新根,包括“VeriSign Class 3 Public PCA–G5”)
过期日期:Wed Jan 01 19:59:59 2014
SHA1哈希:14FCF0BB187D563B568EEA5FC888A53D288698D6
(此中间链接直接指向“3级公共初级认证机构”,无需G5)备选方案E见简短答案。VeriSign对SSL/TLS也有同样的功能。因此,要了解更多详细信息,请查看†实际上有三条路径:G5 CA作为根路径,G5 CA作为中间路径,以及旧的2010 CA。G5 CA作为根路径是有问题的路径。示例(根据备选方案E签名)是Adobe Reader(当前版本11.0.0.5)和Apple AirPort Utility(当前版本为v5.6.1)。顺便说一句,和也有类似的指南