Open woodruffw opened 1 year ago
Specifically, it should have the following CA chain:
CA (codeSigning:TRUE) -> EE (codeSigning:FALSE)
This should be rejected by conforming Authenticode implementations.
(The script that generates this should probably look pretty close to the existing sign.ps1 script, but with a CA hierarchy instead of a direct cert.)
sign.ps1
Specifically, it should have the following CA chain:
This should be rejected by conforming Authenticode implementations.