Signing Executable error SignTimeStamp (-2147467259/0x80004005)
Just a quick note on a cryptic error I came across the other day.
I was working on a remote server, trying to determine why our build system was failing trying to sign our executables.
The command being run was:
signtool.exe sign /SHA1 [thumbprint] /t http://timestamp.verisign.com/scripts/timstamp.dll /d [Executable Name] [Executable Path]
And the error I was receiving was
As far as I could tell (-2147467259/0x80004005) appeared to be a very generic COM exception and was not very helpful.
The problem actual turned out to be very simple.
While I did know this, I had forgotten that the server in question had no access to the internet. This meant the call to the time server via the -t switch was failing and producing this lovely, and informative error.
The short term workaround for me was to completely remove the -t switch until this group of machines is given internet access. This allows the executable to be signed, and the build and deploy succeed, while we continue to setup this environment. This is however a temporary environment.
Be aware that by not using a time stamp when you sign your executable means the signature is only valid until the certificate expires and thus is most likely not a valid work around in a production system..
With any luck this will stop someone else wasting their time trying to track down the cause of this lovely error message.