signtool - the specified PFX password is not correct from new machine

爷,独闯天下 提交于 2020-02-25 04:25:24

问题


I'm new to code signing and I'm trying to create as secure a process for signing our code as possible. I created a .pfx file by exporting my certificate from IE and created a password for it. I'm able to sign code using the pfx file with the following command:

signtool.exe sign /f mypfx.pfx /p mypass myexetosign.exe

This works fine, so I copied signtool.exe, the pfx file, and a different executable to sign to a USB flash drive. I took the USB flash drive to a second computer and tried the same command again, but this time I get SignTool Error: The specified PFX password is not correct. I'm certain the password is correct. Is there an extra step I'm missing to move this to another machine? My ultimate goal is to do the code signing in an offline static environment.


回答1:


What I've encountered is that during the export, the encryption of the pfx is SHA256 or 3DES-SHA1.

If importing on a different machine, make sure the same SDK is used, so the same encryption can be used to decrypt.

The error explains this, if you try to decrypt with the wrong encryption, garbage comes out, which could be the result of a wrong password as well

Related stackoverflow question: Why I get "The specified PFX password is not correct" when trying to sign application with signtool?



来源:https://stackoverflow.com/questions/51548158/signtool-the-specified-pfx-password-is-not-correct-from-new-machine

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!