SignTool Error: ISignedCode::Sign returned error: 0x80092006

Question

I\'m signing an EXE program with a certificate issued by a trusted CA. I\'m using signtool.exe from the Windows SDK v6.0a.

The certificate is located in the computer

Answer 1

The problem is that your service process cannot access your private key, which is stored under your account.

Log on into the account that is running the web service and import the private key into a key container. You can do this for example using the strong name tool (sn.exe) of .NET:

sn -i MyCertificate.pfx MyCodeSigningKey

Now, change your build script to use this key container:

signtool sign /sm /a /v /csp "Microsoft Strong Cryptographic Provider" /kc MyCodeSigningKey 

/kc specifies the key container. /kc requires that you specify the "CSP" (Cryptographic Service Provider) via the /csp switch. "Microsoft Strong Cryptographic Provider" is the default provider used by sn.