Hey @KillerInstinct, I noticed your TODO in digisig.py. I ran into a similar issue with updating root certs for IE. After lots of googling, I came up with two solutions:
Or, browse a trusted site like Wikipedia over Tor, which has a cert that has been signed by a CA that is old enough to be trusted out of the box. while browsing, IE/Win7 will download and update root certs in the background, even with Windows Update disabled.
I'm not sure if the web root CA update also applies to code signing, but I figure it's worth a try.
Hey @KillerInstinct, I noticed your TODO in
digisig.py. I ran into a similar issue with updating root certs for IE. After lots of googling, I came up with two solutions:Use this tool from Microsoft
http://download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/rootsupd.exe
Or, browse a trusted site like Wikipedia over Tor, which has a cert that has been signed by a CA that is old enough to be trusted out of the box. while browsing, IE/Win7 will download and update root certs in the background, even with Windows Update disabled.
I'm not sure if the web root CA update also applies to code signing, but I figure it's worth a try.