Signing a package with .pfx code signing certificate

Hi,
I've got a code signing certificate (.pfx) from GlobalSign and tried to sign my extension package.
I used the ZXPSignCmd tool and got the following response:
Unable to build a valid certificate chain. Please make sure that all certificates are included in the certificate file.
The necessary certificate chain is installed on my system (Windows 7):
My code signing certificate,
the certificate from GlobalSign that signed my certificate
and the GlobalSign root certificate that signed it.
The OpenSSL info output for the certificate looks fine too:
MAC Iteration 2000
MAC verified OK
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2000
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2000
Certificate bag
Certificate bag
Certificate bag
On the other hand signing other files with the Windows SDK Signtool works and results in a correct certificate chain (visible in the file's details).
Any idea what I might be doing wrong?
Regards
Philipp

Hi Philipp,
No, it doesn't matter - using Certificate Manager should also have worked.
I don't think the issue is that the wrong root certificate has been chosen, otherwise we'd be seeing a different error. In the PEM file you exported, I would expect to see several certificate sections, each starting with BEGIN CERTIFICATE and ending with END CERTIFICATE. Just above each certificate's "BEGIN CERTIFICATE" line should be "subject" and "issuer" - the last certificate (at the bottom of the PEM file), should have your personal certificate name as the subject. Then, working upwards, each certificate should have an "issuer" which matches the "subject" of the certificate above it.
The first certificate in the PEM file should have the same value for "subject" and "issuer" - identifying the certificate authority's root certificate.
Also in the PEM file I'd expect to see a section "BEGIN RSA PRIVATE KEY"...."END RSA PRIVATE KEY".
Does this all match what you're seeing?
Assuming your PEM file looks OK, you could try using OpenSSL to convert it to PKCS12 format, using the command:
openssl pkcs12 -export -in my_pem_file.pem -out my_pkcs12_file.p12
Also, please ensure that you're using only ASCII characters in your P12 password, just in case that's causing problems.
Best regards,
Fraser
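
Fraser's checks on the exported PEM file, written out as an added example that is not part of the original thread: it reads the "subject"/"issuer" lines in file order and reports where the chain breaks. The function names and all certificate names in the sample are constructed for illustration.

```python
import re

# Matches the "subject=" / "issuer=" pair printed above each certificate.
# \s+ also tolerates blank lines around the pair.
CERT_RE = re.compile(
    r"^subject=(?P<subject>.*)\s+issuer=(?P<issuer>.*)\s+"
    r"-----BEGIN CERTIFICATE-----", re.MULTILINE)
# Fraser expects "RSA PRIVATE KEY"; OpenSSL may also write the key as
# "PRIVATE KEY" or "ENCRYPTED PRIVATE KEY", so accept those too.
KEY_RE = re.compile(r"-----BEGIN (RSA |ENCRYPTED )?PRIVATE KEY-----")


def read_chain(pem_text):
    """Return [(subject, issuer), ...] in the order they appear in the file."""
    return [(m["subject"].strip(), m["issuer"].strip())
            for m in CERT_RE.finditer(pem_text)]


def check_pem(pem_text, leaf_name):
    """Return a list of problems; an empty list means the layout looks right.
    This compares names only, it does not verify any signature."""
    chain = read_chain(pem_text)
    if not chain:
        return ["no certificate with subject/issuer lines found"]
    problems = []
    if chain[0][0] != chain[0][1]:
        problems.append(f"first certificate is not a root: {chain[0][0]}")
    for (above, _), (subject, issuer) in zip(chain, chain[1:]):
        if issuer != above:
            problems.append(f"'{subject}' was issued by '{issuer}', "
                            f"but the certificate above it is '{above}'")
    if leaf_name not in chain[-1][0]:
        problems.append(f"last certificate is not '{leaf_name}'")
    if not KEY_RE.search(pem_text):
        problems.append("no private key section")
    return problems


def _cert(subject, issuer):
    # Constructed sample block; the body is a placeholder, not a real cert.
    return (f"subject={subject}\nissuer={issuer}\n"
            "-----BEGIN CERTIFICATE-----\n(placeholder)\n"
            "-----END CERTIFICATE-----\n")


ROOT = _cert("/CN=Example Root CA", "/CN=Example Root CA")
INTERMEDIATE = _cert("/CN=Example Code Signing CA", "/CN=Example Root CA")
LEAF = _cert("/CN=Example Developer", "/CN=Example Code Signing CA")
KEY = "-----BEGIN RSA PRIVATE KEY-----\n(placeholder)\n-----END RSA PRIVATE KEY-----\n"

GOOD_PEM = ROOT + INTERMEDIATE + LEAF + KEY
BROKEN_PEM = ROOT + LEAF          # intermediate and private key missing

if __name__ == "__main__":
    for name, text in (("good", GOOD_PEM), ("broken", BROKEN_PEM)):
        print(name, check_pem(text, "Example Developer") or "OK")
```

A missing intermediate shows up as an issuer that does not match the subject above it, which is the situation a chain-building error points to.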

Similar Messages

  • ADT error with comodo code signing certificate

    Hello,
    I'm trying to sign an AIR app with a Comodo code signing cert.
    - SHA-256 with RSA Encryption
    - Java 1.8 (same problem with 1.6)
    - AIR 15 (same problem with older versions)
    My command :
    java -jar -Xmx1024m /data/sdk/AIRSDK_Compiler15/lib/adt.jar  -sign -storetype pkcs12 -storepass ******* -keystore cert/air-distrib.p12 bin-release/TestCert.airi bin-release/TestCert.air
    I get the following error :
    Exception in thread "main" java.lang.OutOfMemoryError: Java heap space
        at java.util.Arrays.copyOf(Arrays.java:3181)
        at java.util.ArrayList.grow(ArrayList.java:261)
        at java.util.ArrayList.ensureExplicitCapacity(ArrayList.java:235)
        at java.util.ArrayList.ensureCapacityInternal(ArrayList.java:227)
        at java.util.ArrayList.add(ArrayList.java:458)
        at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2026)
        at java.security.KeyStore.load(KeyStore.java:1433)
        at com.adobe.ucf.UCF.processSigningOptions(UCF.java:313)
        at com.adobe.ucf.UCF.parseSigningOptions(UCF.java:298)
        at com.adobe.air.ADT.parseSign(ADT.java:1589)
        at com.adobe.air.ADT.parseArgsAndGo(ADT.java:598)
        at com.adobe.air.ADT.run(ADT.java:435)
        at com.adobe.air.ADT.main(ADT.java:485)
    When I increase the Java memory to 8 GB, Java uses 6 GB and doesn't stop... (nothing after 20 minutes...)
    Any idea ?
    ADT or cert problem ? Other ?
    Thx.
    Jonas

    Yeah !
    The certificate was generated in Firefox...
    Importing it into IE and regenerating the certificate fixed the problem
    Jonas

  • How to sign an x509 certificate with another non-CA certificate

    Hi,
    How to sign an x509 certificate with another certificate (not CA)? Does keytool help?

    You will probably want to use OpenSSL. Google around for how to set up your own certificate authority; such tutorials usually include instructions on signing and importing with keytool etc.

  • Signing into iCloud with a new sign in.

    I have recently changed my AppleID and signed out of the Mac ICloud selecting "delete" on all the prompts.  I have signed in using the correct new AppleID and password but on the sign in screen the "loading circle" has been showing for the last hour. Is this re-downloading? or is it not responding??

    Sign out of old email and sign in with new.

  • Signing submission package with HCK Studio fails

    Hi,
    When trying to replace a driver in Windows Hardware Certification Kit selecting "Use the certificate store" the tool crashes with the exceptions stated below.
    This seems to be the same problem as posted by pruf on Tuesday, May 13, 2014 9:43 AM. However, installing the latest QFE as proposed by JasonAdams(MSFT) did not fix the issue.
    I am using "Windows HCK 2.1 for Windows 8.1, 7, and Server" (Version 8.100.26795, which is the latest one) on a Windows 7 (64bit) PC.
    HCK crashes with the following message:
    System.ArgumentException: Der OID-Wert war ungültig.
       bei System.Security.Cryptography.X509Certificates.X509Utils.ValidateOidValue(String keyValue)
       bei System.Security.Cryptography.X509Certificates.X509Certificate2Collection.FindCertInStore(SafeCertStoreHandle safeSourceStoreHandle, X509FindType findType, Object findValue, Boolean validOnly)
       bei System.Security.Cryptography.X509Certificates.X509Certificate2Collection.Find(X509FindType findType, Object findValue, Boolean validOnly)
       bei Microsoft.Windows.Kits.Hardware.UI.Views.PackageDialog.PackageDialogOKButtonClick(Object sender, RoutedEventArgs e)
       bei System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs routedEventArgs)
    ....

    Hi Mudit,
    I only have the studio installed.
    As far as I know "studio + controller" is only possible on Windows Server.
    Any ideas?
    Thanks,
    Christian

  • Odi  packages with unix code

    Hi Experts
    I have a set of ODI packages and want to run this code on a Unix server.
    Can you please guide me on this?

    Hi Sutirtha, any documents on how to install ODI agent in Unix box?

  • Business Service sign a message with always same certificate

    Hello,
    We need to call an external web service that requires the request to be signed by a certificate.
    Our organization has an Oracle Service Bus and our intention is to use the bus to make the calls easier for our clients.
    I did the following steps:
    1.- I have configured the keystore of OSB with the certificate.
    2.- I have made the business service, with the external ws as the end-point.
    3.- I have configured the sign-body ws-policy in the business service.
    4.- When I try it with the debug console of OSB, I select the keystore provider and it works.
    The problem is:
    When I make the Proxy Service, it seems that the Business Service passes the signing requirement on to the Proxy, and what I want is to publish the Proxy Service without this requirement and always sign the message with the same certificate.
    I would like the message to be signed by the Proxy Service or Business Service, and not by the clients who call the OSB.
    I don't know how to configure it on OSB.
    Is it possible to configure OSB in that way?
    Thanks
    Miguel

    Hello,
    Can you please confirm the following
    1. You are setting up an expired certificate as the host certificate for your host (or) are you trying to sign an ASPX file with an expired certificate?
    2. The webserver where you are hosting this ASPX (IIS I presume), has only certificate based authentication enabled - is that right?
    3. You are seeing that when the user opens the website they are prompted that the certificate has expired, and even if they chose to move forward, they are not able to - is that the issue?
    4. If (3) is not the issue and you want to be able to get access to the certificate-expiration error as part of the ASPX code, then that wouldn't be possible because the certificate validation would happen as part of the TLS connection negotiation
    If you can please provide some more details, it will help.
    Thank you

  • What code signing certificate has to be added for Adobe Air Native Installer?

    Hi,
    I'm developing Adobe Air application. I need to digitally verify the application to add the publisher's name with the product. I did a little research and came to know that Symantec, Thawte, Comodo, Comodo-Tucows, Digicert, Godaddy and couple of others are doing this.
    Yes. I'm talking about the Code Signing Certificate. My question is, What code signing certificate has to be added for Adobe Air Native Installer? The reason is, The native installer will have an extension .exe ( Windows ) and .dmg ( MAC OS X ).
    These guys are providing certificates for Adobe Air. For instance, if the application is exported using Native Installer in Windows, the application will have an .exe extension. For this, can I use the same Adobe Air code signing certificate or should I go for a Microsoft Authenticode ( for .exe ) certificate?
    Thanks in advance.

    I think a Comodo code signing certificate is one of the nice options to be added for Adobe Air, as I have seen Comodo code signing certificates in other Adobe programs. Recently I bought Comodo code signing from https://cheapsslsecurity.com/comodo/codesigningcertificate.html, to sign one of my Adobe applications and it works fine; you can use Microsoft Authenticode technology with Comodo code signing.

  • Using a Code Signing Certificate for download on Azure

    Currently, I have a hosted web application and Web API on a VM that I use to allow users to download an executable file that is signed with a Code Signing certificate. My question is how would I do the same thing with a Web Role or Cloud Service? The goal is to move to PaaS in Azure with our web application.
    Thanks for any help in advance.

    I appreciate the link to the article, but I don't need an SSL certificate, I need a code signing certificate. I'm afraid this post does not help me at all. What I need is a certificate to sign my downloadable applications with. I have an .exe file that users can download, and I need those people to know my code can be trusted, which is why I need the code signing certificate. My problem is how do I utilize this with a Web Role or Cloud Service?

  • Using code signing certificate results in classnotfoundexception

    We are running a certificate authority on Windows 2012. Our programming section developed a Java application on Linux and wanted to code sign it. They created a CSR and sent it to me. I created a duplicate of the built-in code signing template and used it to create a code signing certificate, which I sent back to the programmer. He used the certificate to sign the application jar file, and everything seemed OK. But when we try running the application we get a 'classnotfoundexception' for the main class of the program. Just to be sure it was not a fluke I wrote a small test applet and went through the same procedure of creating a CSR, creating the certificate, and code signing the jar file, and ended up getting the same exact error.
    The programmer tried creating a self-signed certificate on Linux and using that to code sign the jar file, and the program runs successfully. Of course there is a warning that the certificate is untrusted, which is why we want to use the Windows-created certificate to sign the application, since the root certificate is on everyone's computer.
    Is there anything special that needs to be done to get the Windows-created certificate to successfully sign a Java application?

    Hi David, did you ever get it to work signing the applet with an Active Directory Certificate Services certificate?
    We are experiencing the same issue. The odd thing is that after we get the ClassNotFoundException error, we click on the error and then click reload and then it loads fine. At this point we are probably going to try purchasing a certificate to see if ADCS was the problem. Curious to see if you had any luck. Thanks.

  • Missing Code Signing Certificate in Profile Manager

    Hi everyone,
    Firstly, I'm not a professional and managing a server isn't in my skill set.  I have an old Mac mini running the Mavericks server to dabble with.
    Recently, the code-signing certificate (I assume self-signed) disappeared from Profile Manager for the option to "Sign configuration profiles" – no idea why, and I'm struggling to get it back, it just doesn't appear in the drop down.
    Under "Certificates" in Server.app, and within Keychain Access; it's still in the system and can be seen, where there are two of them.
    I've tried renewing both of these through Server.app to see if that would be a quick fix, but nothing.
    Could someone advise me on how to create a new verified code signing certificate for use with profile manager?
    Kind regards,
    Jamie

    Tried again.  Destroyed OD and recreated – code signing appears.  Reboot machine, code signing disappears.
    I tried exporting out the Code Signing Cert before rebooting the machine and reimporting after it disappears only to get "This profile cannot be used to sign profiles".
    Any idea what could be breaking the code-signing on reboot? Really bizarre.

  • Code signing from cli in 10.6

    Hello,
    I'm new to code signing on OS 10.6 and I assumed it works the same way as 10.5.  I installed my Mac pk12 Thawte certificate into my login keychain.
    No matter how I try to sign with codesign on either an unsigned code or previously signed by another party, I get the same error: code object is not signed
    $ codesign --sign "My code signing certificate" --force --verify file.dmg
    File.dmg:  code object is not signed
    $ codesign -d -v --verbose file.dmg
    File.dmg: code object is not signed
    Any suggestions on how to resolve this?
    Thanks,
    -Sean

    Well, a few weeks ago this site used a .dmg as an example, but since have changed the example to be for .app:
    http://www.digicert.com/code-signing/mac-os-codesign-tool.htm
    And I misunderstood the development team I support.  I thought they were signing their .dmg with a self-signed test certificate during development but it turns out they were not. 
    Can someone from Apple Support please list the file types that codesign in OS 10.6.7 will sign?

  • Adobe Pro 11.0.10 patch has expired code signing cert

    I can not patch my Adobe 11.0.0 installation to 11.0.10 using the automated process.
    I manually downloaded 11.0.10 from this location: http://ardownload.adobe.com/pub/adobe/acrobat/win/11.x/11.0.10/misc/AcrobatUpd11010.msp
    The MD5 of this MSP per my own check is 4cb5979f49bc5112731da0cce036ac66, while the SHA1 is 8b4130df183f69ab77f9f6748f2e535be5d3336e.
    This download is signed with a code signing certificate issued by Symantec Class 3 Extended Validation Code Signing CA.  The signature has a thumbprint of 111aa9b0c6da43594bb2ad3052567c12ef8d9607.  This certificate expires later this year.
    During the install I receive an error because it extracts a file to c:\config.msi which is code signed with a code signing certificate issued by Verisign Class 3 Code Signing 2010 CA.  The certificate has a thumbprint of 70d566df844f3e2d9ac31e518256e7b6f2de9272.  The certificate expired 9/20/2013.  Today is 5/4/2015.  The install fails on this file.
    The certificate thumbprint for the Verisign Class 3 Code Signing 2010 CA intermediate authority is 495847a93187cfb8c71f840cb7b41497ad95c64f.   This itself is signed by VeriSign Class 3 Public Primary Certification Authority - G5 having a thumbprint of 4eb6d578499b1ccf5f581ead56be3d9b6744a5e5.
    The failing file with the invalid code signing certificate has an MD5 checksum of bddf785233f9d2b3ae43d72822fb74bc and SHA1 of 78e7e15c8baea3c6befc7336d153254777912bd4.  This appears to be amtlib.dll which is part of Adobe AMT Licensing.   These hashes are available on services such as Virus Total and Herd Protect.
    Would it be possible for Adobe to release a 11.0.11 patch that has this issue fixed?  
    Thank you,
    Edwin Davidson.

    Back up all data.
    Launch the Font Book application and validate all fonts. You must select the fonts in order to validate them. See the built-in help and this support article for instructions. If Font Book finds any issues, resolve them.
    From the application's menu bar, select
    File ▹ Restore Standard Fonts...
    You'll be prompted to confirm, and then to enter your administrator login password.
    Start up in safe mode to rebuild the font caches. Restart as usual and test.
    Note: If FileVault is enabled, or if a firmware password is set, or if the startup volume is a Fusion Drive or a software RAID, you can’t start in safe mode. In that case, ask for instructions.
    Also note that if you deactivate or remove any built-in fonts, for instance by using a third-party font manager, the system may become unstable.

  • Free Code Signing website

    Dear all,
    I found a free Code Signing website (http://www.ascertia.com/OnlineCA/codesign.aspx?linkID=40) and I followed their guide (How does object signing work with Ascertia Code Signing Digital IDs). In step 4 of their guide, I got the error message below.
    C:> keytool -import -alias MyCert -file TestNew.cer
    keytool error: java.lang.Exception: Failed to establish chain from reply
    If someone is available, could you visit their website and test their free code signing service? I'm not sure where the source of this error is, my side or their side. If someone succeeds in code signing with their site, can you explain your steps? I will appreciate your reply.
    Thank you,

    Hi,
    What file format did you use when you exported the certificates? I used p7b and when it asked to browse for the file, I used the same file (certificate) that was generated by the Ascertia site. Am I doing the right thing? After I exported all the certificates, I used the import command to import my certificate, which is the p7b file, and I got the error message public keys in reply and keystore don't match.
    According to their instructions, it mentions that I should submit the CSR that I get after I execute the certreq command, then save the CSR as .cer, then execute the import command. I got the error message, failed to establish chain from reply.
    So I followed your instructions about the p7b file, and it didn't work for me. I might be doing something wrong when I export the certificates.
    Could you please give me instructions on how to do that?
    I appreciate your help.
    Thanks
    M

  • Code Signing the binaries in WebSite Project

    Hi,
    To do code signing automatically when building the project, a post-build event is used. The command line is given in the post-build event, and signing and timestamping are done on a successful build. The post-build event option is available for Windows Application and Web Application projects. But for WebSite Projects, there are no post-build events.
    Kindly let me know if there is any alternate option for automatically signing the Website Project after publishing the project. Please let us know if there is any option through the IDE.
    Shankar S

