Jenkins fails in signtool.exe

0
votes

I am using signtool.exe to sing my msi output through a proj file in Jenkins. My command to sign the msi is, "C:\Program Files\Microsoft SDKs\Windows\v6.1\Bin\signtool.exe" sign /f "C:\Build\SignCertificate.cer" /csp "Microsoft Enhanced Cryptographic Provider v1.0" /k privatekeycontainer /t "http://timestamp.verisign.com/scripts/timstamp.dll" "..\Release\output.msi" . The pfx file is added in certificate store.

Whenever i execute it through command prompt it get pass and the msi get signed. But if i try through Jenkins then it fails. Please help me what is wrong.

3
msbuildjenkinssigntool
What error does Jenkins give you?SoftwareCarpenter
@SoftwareCarpenter Getting error message"error MSB:3073.... exited with code 1" from msbuild.кคгtђเςк ĞŔĶ

3 Answers

1
votes

Import sertificate to Machine Store instead of User store. Steps described here http://www.dartmouth.edu/~deploypki/materials/web_authn/pages/IISonXP_AddingTrustedCACertToComputer.htm

0
votes

Try these steps:

  1. Create a user 'Jenkins' as and Administrators group member
  2. Run the Jenkins service as the user 'Jenkins'
  3. log in as Jenkins user and install the certificate in the user store.
  4. Run it through Jenkins

Also, take a look at this link which is very similar to your question: SignTool Error: ISignedCode::Sign returned error: 0x80092006

0
votes

My problem was solved. The pfx is not imported with the private key properly. Now the leaf tells that it has a private key. So the problem is with the pfx file.