SignTool Failing with 0x80096005

After creating a new setup package I noticed my certificate signing wasn't working. I kept getting error while running the same signing command I always had.

Console
sign -s "My" -sha1 $CERTIFICATE_THUMBPRINT -tr http://timestamp.comodoca.com/rfc3161 -v App.exe
SignTool Error: An unexpected internal error has occurred.
Error information: "Error: SignerSign() failed." (-2146869243/0x80096005)

A bit of troubleshooting later and I narrowed my problem to the timestamping server as removing /tr option made it work as usually (albeit without the timestamping portion). There were some certificate changes for the timestamp server but I don't believe this was the issue as the new certificate was ok and I remember their server occasionally not working for days even before this.

And then I remembered what I did the last time Comodo's timestamp server crapped out. Quite often you can use other, more reliable, timestamp server. In my case I went with timestamp.digicert.com.

Console
sign -s "My" -sha1 $CERTIFICATE_THUMBPRINT -tr http://timestamp.digicert.com -v App.exe
Successfully signed: App.exe

PS: This same error might happen due to servers refusing SHA-1.

Leave a Reply

Your email address will not be published. Required fields are marked *