Hello,
Is there any way that SB could use the thumbprint of the certificate rather than the PFX and password?
Signtool works perfectly using the /SHA1 tag and the certificate thumbprint. Everything else is the same. I always thought that it shells out or calls signtool to codesign itself.
Right now I have it working by turning off the Add a Digital Signature, Installer Integrity Check and Verify Code-Signed At Startup.
FYI - I have the same problem in anything that auto-codesigns during/after a compile.
Is there another work around for this?

Thanks :)

Hello,

yes, we have completely rewritten the code-signing stuff in the new version. We are using the thumbprint now. BTW, we are waiting for our new Microsoft Thrusted Signing access. After that, we'll finish development of the code-signing module. We have an EV code-signing and an EV in the cloud certificate now and it's working fine!

I'll keep you posted. It would great, if you could test it when available.

Friedrich

That's sounds great!
I don't have an EV certificate, it's a standard one, but it still has the keys in the cloud.

Let me know whenever you're ready.

I think a standard (cloud) certificate should work fine, too. Just the identity background check for EV is different.

I'll come back to you when I am ready with the new code-signing module.

Thank you for your help!

Friedrich