Context Navigation

Changes between Version 13 and Version 14 of BuildingTapWindows6

Timestamp:: 04/22/16 15:21:20 (6 years ago)
Author:: Samuli Seppänen
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

BuildingTapWindows6

-                      v13
+                      v14
 signtool.exe sign /v /ac <cross-certificate> /t <timestamp-url> /s My /n <subjectname> <file>
 }}}
+Examples:
+{{{
+signtool.exe sign /v /s My /n OpenVPN /ac digicert-assured-id-ca-root.crt /t http://timestamp.digicert.com /fd SHA1 tap6/amd64/tap0901.cat
+signtool.exe sign /v /f digicert-sha1-codesigning.pfx /p <pfx-password> /ac digicert-assured-id-ca-root.crt /as /t http://timestamp.digicert.com /fd SHA1 tap6/amd64/tap0901.cat
+}}}
+Example of adding two signatures and timestamps (required signtool.exe from Windows Kit 10):
+Example of adding two signatures and timestamps. This requires a relatively recent signtool.exe (e.g. from Windows Kit 10):
 {{{
 # Create primary (SHA1) signature (certificate in a pfx file)
+signtool.exe sign /v /f digicert-sha1-codesigning.pfx /p <pfx-password> /ac digicert-assured-id-ca-root.crt /fd SHA1 tap6/amd64/tap0901.cat
+signtool.exe timestamp /tr http://timestamp.digicert.com /td SHA1 /tp 1 tap6/amd64/tap0901.cat
+signtool.exe sign /v /f digicert-sha1.pfx /p <pfx-password> /ac digicert-assured-id.crt /t http://timestamp.digicert.com /fd SHA1 tap6/amd64/tap0901.cat
 # Add secondary (SHA2) signature (certificate in the certificate store)
 signtool.exe sign /v /s My /n OpenVPN /ac digicert-extended-validation-ca-root.crt /as /fd SHA256 tap6/amd64/tap0901.cat
+signtool.exe sign /v /s My /n OpenVPN /ac digicert-high-assurance-ev.crt /as /fd SHA256 tap6/amd64/tap0901.cat
 signtool.exe timestamp /tr http://timestamp.digicert.com /td SHA256 /tp 1 tap6/amd64/tap0901.cat
 }}}