How to verify that timestamping is done correctly for signed code

Question

I have just got my code signing certificate from StartSSL and am trying to sign our installer.

The signing process goes well and I get an installer exe that Windows no l

Answer 1

There is a difference between the "Signing Time" and the Timestamp from the "Stamping Signer". The Signing time is the time when you actually signed the code, when the timestamp is from the "stamping signer" (the certificate server).

Signing with the certificate issuer timestamp will actually make sure that your signature is still valid even if your certificate already expired.