Visual studio 当我从atlassian竹子运行时，signtool无法对安装程序进行签名_Visual Studio_Code Signing_Bamboo_Code Signing Certificate_Signtool

Visual studio 当我从atlassian竹子运行时，signtool无法对安装程序进行签名

visual-studio

Visual studio 当我从atlassian竹子运行时，signtool无法对安装程序进行签名,visual-studio,code-signing,bamboo,code-signing-certificate,signtool,Visual Studio,Code Signing,Bamboo,Code Signing Certificate,Signtool,我正在尝试将Bambol的代码签名自动化，以实现内部安全措施签名命令： signtool.exe sign /v /debug /f "\\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /t "http://timestamp.verisign.com/scripts/timstamp.dll" "c:\test\installer.msi" 我使用的是我们IT部门内部生成的证书，格式为.pfx 核查： signtoo

我正在尝试将Bambol的代码签名自动化，以实现内部安全措施

签名命令：

signtool.exe sign /v /debug /f "\\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /t "http://timestamp.verisign.com/scripts/timstamp.dll" "c:\test\installer.msi"

我使用的是我们IT部门内部生成的证书，格式为.pfx

核查：

signtool verify /pa "c:\test\installer.msi"

如果我从本地机器（与bamboo服务用户相同的用户）命令窗口运行，这两个命令都可以很好地工作。当我从Atlassian Bambol将其作为脚本任务运行时，它失败了

它在“完成添加附加存储”处停止。之后不会出现错误或成功消息

在下面，成功的签名打印在下面，这是我从localhost运行时所产生的

.........
Done Adding Additional Store
Successfully signed: c:\test\installer.msi

Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0

这就是我在竹子上运行相同命令时看到的结果

build   20-Jan-2017 08:05:07    The following certificates were considered:
build   20-Jan-2017 08:05:07        Issued to: RnD Software Engineering
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <....>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <...........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <...........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued to: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued to: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    After EKU filter, 3 certs were left.
build   20-Jan-2017 08:05:07    After expiry filter, 3 certs were left.
build   20-Jan-2017 08:05:07    After Private Key filter, 1 certs were left.
build   20-Jan-2017 08:05:07    The following certificate was selected:
build   20-Jan-2017 08:05:07        Issued to: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    The following additional certificates will be attached:
build   20-Jan-2017 08:05:07        Issued to: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    Done Adding Additional Store

非常感谢您的帮助。

我使用不同的时间戳服务器解决了这个问题。下面的命令是从竹内联脚本任务中执行的

signtool.exe sign /v /debug /f "\\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /tr "http://sha1timestamp.ws.symantec.com/sha1/timestamp" "c:\test\installer.msi"

谢谢你发布这个。有趣的是/tr对你有用，而对我没有。我不得不改用/t，否则时间戳在我的竹竿作业中失败，出现了“此函数不受支持”之类的情况。

signtool.exe sign /v /debug /f "\\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /tr "http://sha1timestamp.ws.symantec.com/sha1/timestamp" "c:\test\installer.msi"