Open rkirimov opened 1 year ago
Happens to us too.
I'm not sure there is anything Squirrel can do here, we are invoking SignTool.exe from the SDK - if you can't sign executables, you're kinda out of luck. If your company has a Microsoft Support contract I would contact them and see if they can tell you more about this
It's worth noting that the version of signtool.exe which ships with Squirrel is very old - from the Windows 7 SDK. It might be worth trying to replace signtool.exe with a newer version - eg. from the Windows 10 or Windows 11 SDK. My fork of Squirrel has been updated to use v10.0.19041.
I had this exact issue and solved it by setting the SQUIRREL_TEMP environment variable to a directory path that our build process had access to. If you don't set the SQUIRREL_TEMP env var, your process will use the default %LocalAppData%\SquirrelTemp location, which for an Administrator provisioned account that is never used outside of a build process is actually in the reserved system32 directory (C:\Windows\system32\config\systemprofile\AppData\Local\SquirrelTemp). I figured that the signtool.exe process when squirrel runs it, might have problems writing to this directory, so I added the env var to override it, and was then able to once again sign without issue. Hope it helps!
Squirrel version(s) version 2.0.1
Description The build sign fails on fresh Windows install with the following error:
This only happens on brand new Windows systems (before
jenkins
user logs in for the first time). As soon as I log in asjenkins
user, the build succeeds. I've been desperately trying to figure out the cause of this behavior and how to fix it.Do you know what could be causing this behavior?
Steps to recreate
D:\jenkins\workspace\PR-3775\node_modules\electron-winstaller\vendor\signtool.exe sign /a /f "D:\loc\cert\cert.p12" /p "****" D:\jenkins\workspace\PR-3775\squirreltemp\tempa\lib\net45\ffmpeg.dll
Expected behavior File to be signed successfully.
Actual behavior The command fails with the aforementioned error