I have a windows executable that was generated on a linux machine using Installbuilder. I would like to codesign it but I cannot do it on a linux machine. I have tried two different linux utilities for this, osslsigncode and Mono´s signcode.
The Mono´s signcode displays the following output when run:
Mono SignCode - version 18.104.22.168 Sign assemblies and PE files using Authenticode(tm). Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD licensed.
Enter password for key.pvk: PASSWORD
Then I move the file to a windows machine and check the signature and there is none. I used a program called PE Viewer to look into the exe file and the certificates are there but a link checksum and a real checksum do not match.
When running the osslsigncode utility, I get the following error message:
Enter PEM pass phrase:
Corrupt PE file - current signature not at end of file: Installer.exe
and no output file is generated.
This would indicate that the linux utilities are somewhat broken when it comes to codesigning. So I tried another exe file, notepad++.exe to be exact, and I signed that on the linux machine with Mono´s signcode and that worked perfectly.
There is no problem codesigning my installer on a windows machine but since my build procedures are all based on linux I would prefer have the codesigning there as well.
Do you guys have any idea what is going on? Is there a difference in how these executables are structured?
With regards, Elvar
Please sign in to leave a comment.