Why I get “The specified PFX password is not correct” when trying to sign application with signtool?

Question

I followed this link to sign my exe application.

• I installed SDK tool on Windows 7,

• run C:\\Program Files\\Microsoft SDKs\\Windows

Answer 1

Just stumbled accross this question when receiving a similar error with a DigiCert code signing certificate just on some machines.

Turns out I had selected SHA256 encryption instead of TripleDES-SHA1 when exporting the certificate and one of our build machines is still running Windows Server 2012 R2. This OS is obviously not capable of decrypting the certificate then, resulting in the same (irritating in this case) error message.

UPDATE: The same behaviour also occurs on Azure Devops classic pipelines using Hosted VS2017 pipeline and a DigiCert certificate.

The new YAML pipelines work with the SHA256