不知道为什么,但当使用Symantec的时间戳服务器进行代码签名时,它将过期时间设置为2020年。这使得使用时间戳服务器失去了意义,因为我的程序仍然会过期。
以下是使用signtool.exe验证时间戳应用程序的输出:
Signature Index: 0 (Primary Signature)
Hash of file (sha1): A6F0CEC09F02900D7977C60A87567031D0D96C7A
Signing Certificate Chain:
Issued to: thawte Primary Root CA
Issued by: thawte Primary Root CA
Expires: Wed Jul 16 19:59:59 2036
SHA1 hash: 91C6D6EE3E8AC86384E548C299295C756C817B81
Issued to: Thawte Code Signing CA - G2
Issued by: thawte Primary Root CA
Expires: Fri Feb 07 19:59:59 2020
SHA1 hash: 808D62642B7D1C4A9A83FD667F7A2A9D243FB1C7
Issued to: My Company
Issued by: Thawte Code Signing CA - G2
Expires: Tue Aug 11 19:59:59 2015
SHA1 hash: E45B4CBFBA095DB9465F2371C161EF500201561B
The signature is timestamped: Wed Oct 22 12:15:44 2014
Timestamp Verified by:
Issued to: Thawte Timestamping CA
Issued by: Thawte Timestamping CA
Expires: Thu Dec 31 19:59:59 2020
SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656
Issued to: Symantec Time Stamping Services CA - G2
Issued by: Thawte Timestamping CA
Expires: Wed Dec 30 19:59:59 2020
SHA1 hash: 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Issued to: Symantec Time Stamping Services Signer - G4
Issued by: Symantec Time Stamping Services CA - G2
Expires: Tue Dec 29 19:59:59 2020
SHA1 hash: 65439929B67973EB192D6FF243E6767ADF0834E4
Successfully verified: SetupGoVivoConsole.exe
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
请注意,此证书设置为1年过期,因此使用Symantec提供的服务器时间戳。根据有限的文档,在签署应用程序时使用时间戳服务器应该可以消除证书过期后应用程序过期的问题。但根据我所看到的信息,这并不是情况,因为我的应用程序将在2020年12月29日星期二19:59:59停止运行。
signtool的命令如下:
signtool.exe sign /f "certificate.pfx" /ac "thawte.crt" /p "mypassword" /t http://timestamp.verisign.com/scripts/timstamp.dll "ExecutableToSign.exe"