当我来自 atlassian Bamboo 运行 时,signtool 无法为安装程序签名
signtool fails to sign installer when i am running from atlassian Bamboo
我正在尝试从 Bamboo 自动执行代码签名以实现内部安全措施。
签名命令:
signtool.exe sign /v /debug /f "\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /t "http://timestamp.verisign.com/scripts/timstamp.dll" "c:\test\installer.msi"
我使用的是 IT 部门内部生成的证书,格式为 .pfx。
验证:
signtool verify /pa "c:\test\installer.msi"
如果我 运行 从本地机器(与 bamboo 服务用户相同的用户)命令 window,这两个命令都可以正常工作。当我从 Atlassian Bamboo 运行 作为脚本任务时,它失败了。
它停在 "Done Adding Additional Store"。此后没有错误或成功消息出现。
最后打印成功签名,这是我从本地主机 运行ning 时出现的。
.........
Done Adding Additional Store
Successfully signed: c:\test\installer.msi
Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
如果我从 Bamboo 运行 使用相同的命令,这就是我所看到的。
build 20-Jan-2017 08:05:07 The following certificates were considered:
build 20-Jan-2017 08:05:07 Issued to: RnD Software Engineering
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <....>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <...........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <...........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 After EKU filter, 3 certs were left.
build 20-Jan-2017 08:05:07 After expiry filter, 3 certs were left.
build 20-Jan-2017 08:05:07 After Private Key filter, 1 certs were left.
build 20-Jan-2017 08:05:07 The following certificate was selected:
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 The following additional certificates will be attached:
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Done Adding Additional Store
验证日志
build 20-Jan-2017 08:05:07 File: c:\abc\installer.msi
build 20-Jan-2017 08:05:07 Index Algorithm Timestamp
build 20-Jan-2017 08:05:07 ========================================
build 20-Jan-2017 08:05:08
build 20-Jan-2017 08:05:08 Number of errors: 1
error 20-Jan-2017 08:05:08 SignTool Error: No signature found.
非常感谢任何帮助。
我能够使用不同的时间戳服务器解决问题。以下命令来自 Bamboo 内联脚本任务。
signtool.exe sign /v /debug /f "\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /tr "http://sha1timestamp.ws.symantec.com/sha1/timestamp" "c:\test\installer.msi"
我正在尝试从 Bamboo 自动执行代码签名以实现内部安全措施。
签名命令:
signtool.exe sign /v /debug /f "\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /t "http://timestamp.verisign.com/scripts/timstamp.dll" "c:\test\installer.msi"
我使用的是 IT 部门内部生成的证书,格式为 .pfx。
验证:
signtool verify /pa "c:\test\installer.msi"
如果我 运行 从本地机器(与 bamboo 服务用户相同的用户)命令 window,这两个命令都可以正常工作。当我从 Atlassian Bamboo 运行 作为脚本任务时,它失败了。
它停在 "Done Adding Additional Store"。此后没有错误或成功消息出现。
最后打印成功签名,这是我从本地主机 运行ning 时出现的。
.........
Done Adding Additional Store
Successfully signed: c:\test\installer.msi
Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
如果我从 Bamboo 运行 使用相同的命令,这就是我所看到的。
build 20-Jan-2017 08:05:07 The following certificates were considered:
build 20-Jan-2017 08:05:07 Issued to: RnD Software Engineering
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <....>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <...........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <...........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 After EKU filter, 3 certs were left.
build 20-Jan-2017 08:05:07 After expiry filter, 3 certs were left.
build 20-Jan-2017 08:05:07 After Private Key filter, 1 certs were left.
build 20-Jan-2017 08:05:07 The following certificate was selected:
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 The following additional certificates will be attached:
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Done Adding Additional Store
验证日志
build 20-Jan-2017 08:05:07 File: c:\abc\installer.msi
build 20-Jan-2017 08:05:07 Index Algorithm Timestamp
build 20-Jan-2017 08:05:07 ========================================
build 20-Jan-2017 08:05:08
build 20-Jan-2017 08:05:08 Number of errors: 1
error 20-Jan-2017 08:05:08 SignTool Error: No signature found.
非常感谢任何帮助。
我能够使用不同的时间戳服务器解决问题。以下命令来自 Bamboo 内联脚本任务。
signtool.exe sign /v /debug /f "\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /tr "http://sha1timestamp.ws.symantec.com/sha1/timestamp" "c:\test\installer.msi"