Sign Microsoft Windows executable with a key valid by the chain model but not the shell model

56 views Asked by At

I have a digital key which is valid until 2019. However the certifing key and the root certificate have been valid until March 2017 only. Hence my key is not valid anymore under the shell modell (where the outer keys must be valid at least as long the inner one is valid). Microsoft Windows does not except my key as valid anymore although the key itself is valid:

enter image description here

Moreover I am unable to use it with signtool to sign an executable:

enter image description here

Before March 2017 I was able to use the key for code signing.

Is there a way to use the key with signtool even if the root certificate is not valid anymore? Is there any other tool with which I can sign Microsoft Windows executables? Does osslsigncode allow for such certificates?

0

There are 0 answers