Closed rfcdejong closed 3 years ago
Seems it is related to the timestamp server from GlobalSign I figured out that calling the interop method "mssign32.SignerSignEx3(..)" sometimes returns the error
-tr http://rfc3161timestamp.globalsign.com/advanced -td SHA256 -> random success, random fail every time -tr http://timestamp.digicert.com -td SHA256 ran several times -> 84 projects in row fine, several times tested.. all time good
digicert is also way faster for timestamping
Yep, see #123, #116, #117. Digicert and Sectigo seem to do fine.
Missed those issues somehow . Closing
I implemented AzureSignTool with our EV cert which is on HSM -> Azure Key Vault. Signing binaries and executables work fine using an application id with secret that has access to it. I can also do it manually after cloning the sources and compiling it.
Now I have a project that signs using timestamping
Run 1: info: AzureSignTool.Program[0] Successful operations: 251 info: AzureSignTool.Program[0] Failed operations: 969
Run 2: (should be identical) info: AzureSignTool.Program[0] Successful operations: 248 info: AzureSignTool.Program[0] Failed operations: 972
It was hard to find the 3 files being different, but I found one. What does error 8009310B mean?
Might it be some timestamping going wrong? It looks randomly...