本文介绍了双签名.cat文件的错误为“主题中没有签名”。的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用以下命令行(使用从Symantec购买的证书对驱动程序的Windows .sys和.cat文件进行双重签名(sys和cat文件都使用相同的选项签名):

I'm dual-signing a windows .sys and .cat files for a driver using a certificate purchased from Symantec with the following command lines (the sys and cat files are both signed with the same options):

signtool.exe标志/ v / ph / n MyCorp / ac C:\Signing\VeriSign Class 3 Public Primary Certification Authority-G5。 cer / i VeriSign 3类代码签名2010 CA / t http://timestamp.verisign.com/scripts/timstamp.dll MyDriver.cat

signtool.exe标志/ v / ph / n MyCorp / ac C:\Signing\VeriSign Class 3 Public Primary Certification Authority-G5.cer / i Symantec 3类SHA256代码签名CA / tr http://timestamp.geotrust.com/tsa / as / fd sha256 / td sha256 MyDriver.cat

Signtool.exe退出时报告成功。当我通过右键单击签名文件,选择属性并转到数字签名选项卡来查看签名时,我会看到两个签名。 sha1签名似乎不错。当我查看.sys文件上的sha256证书的详细信息时,一切看起来都很好。但是,当我在.cat文件上查看sha256证书的详细信息时,会看到以下错误:

Signtool.exe reports success when it exits. When I view the signatures by right clicking the signed files, choosing Properties, go to Digital Signatures tab, then I see the two signatures. The sha1 signature seems fine. When I view the details of the sha256 certificate on the .sys file, everything looks good. But, when I view the details of the sha256 certificate on the .cat file, I see the following error:

驱动程序不会安装在我配置为认为SHA1在2015年1月1日(而不是它们到期的实际日期,即2016年1月1日)的Window7盒上)。

The driver won't install on a Window7 box that I configured to believe SHA1 was deprecated on 1st January 2015 (rather than the real date when they expire which is 1st Jan 2016).

我在说:

引用试图以a回绕的方式说不能对.cat文件进行双重签名?

Is that quote trying to say in a roundabout way that .cat files cannot be dual signed?

应如何对cat文件进行签名,以便它们可以在所有版本上安装

How should cat files be signed so that they will install on all versions of windows?

推荐答案

.cat文件似乎无法进行双重签名。
我的解决方案是使用SHA256证书对.cat文件进行签名,但使用signtool命令行选项创建SHA1签名。
与驱动程序关联的.sys文件仍然可以进行双重签名。
这似乎可以在我需要的所有情况下使用。

It does seem that .cat files cannot be dual signed.My solution was to sign the .cat file using a SHA256 certificate, but with signtool command line options to create a SHA1 signature.The .sys file associated with the driver I was still able to dual sign.This seems to be working in all the scenarios I need.

这篇关于双签名.cat文件的错误为“主题中没有签名”。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-30 13:01