SignerSign() failed. (-2146869243/0x80096005)

Question

I\'ve been signing compiled apps for several months and have a script that calls the Windows 10 SDK signtool. It\'s been working fine on two different computers and my cert

Answer 1

"C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64\signtool.exe" sign /tr http://timestamp.sectigo.com/?td=sha256 /td sha256 ....

the /?td=sha256 actually working, but recommend using their new domain name http://timestamp.sectigo.com and need add extra parameter /td sha256

Answer 2

Same here. The issue was the demise of the comodoca.com timestamp server.

I switched to using DigiCert:

"C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64\signtool.exe" sign /tr http://timestamp.digicert.com ...

UPDATE 2 (perplexed nailed it) comodoca.com actually still works fine, you just need to add a /td sha256 switch to your signtool.exe command, like this:

"C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64\signtool.exe" sign /tr http://timestamp.comodoca.com /td sha256 ...

It seems DigiCert is throttling the number of timestamps they give out anyway, so I had to switch back. BTW note that you can still use any digital cert from any cert authority, it doesn't have to be from DigiCert to use their timestamp server.