|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Sign a script
I am attempting to sign a script for the first time and receiving an error.
I have installed a Code Signing certificate from my Enterprise Root CA in my personal certificate store ("My"). I am using a slightly modified version of the Script Center's "Sign a Script Programmatically.vbs" script, with the only differences being the file name, the path, and the name of the certificate. Everytime that I attempt to run the "Sign a Script Programmatically.vbs" script, I receive the following error: "(null): Unspecified error". The name of my code signing certificate is "Lastname, Troy" and I believe that the comma might be causing the problem as I successfully signed a script with a test account with no comma in the display name. Can anyone verify this and if so, is there a way around it? I have tried "Lastname\, Troy". Thanks, -Troy Troy wrote:
Show quote > I am attempting to sign a script for the first time and receiving an Have you tried the *.wsf version from the WSH docs (saved as > error. > I have installed a Code Signing certificate from my Enterprise Root > CA in my personal certificate store ("My"). I am using a slightly > modified version of the Script Center's "Sign a Script > Programmatically.vbs" script, with the only differences being the > file name, the path, and the name of the certificate. Everytime that > I attempt to run the "Sign a Script Programmatically.vbs" script, I > receive the following error: "(null): Unspecified error". > > The name of my code signing certificate is "Lastname, Troy" and I > believe that the comma might be causing the problem as I successfully > signed a script with a test account with no comma in the display > name. Can anyone verify this and if so, is there a way around it? I > have tried "Lastname\, Troy". > ScriptSigner.wsf)? Run: ScriptSigner.wsf /file:"c:\path to\some.vbs" /cert:"Lastname, Troy" <job> <runtime> <named name="file" helpstring="the file to sign" required="true" type="string"/> <named name="cert" helpstring="the name of the signing certificate" required="true" type="string"/> <named name="store" helpstring="the name of the certificate store" required="false" type="string"/> </runtime> <script language="vbscript"> Dim Signer, File, Cert, Store If Not (WScript.Arguments.Named.Exists("cert") And WScript.Arguments.Named.Exists("file")) Then WScript.Arguments.ShowUsage WScript.Quit End If Set Signer = CreateObject("Scripting.Signer") File = WScript.Arguments.Named("file") Cert = WScript.Arguments.Named("cert") If WScript.Arguments.Named.Exists("store") Then Store = WScript.Arguments.Named("store") Else Store = "my" End If Signer.SignFile File, Cert, Store </script> </job> -- Michael Harris Thanks much for the script, but unfortunately I still receive the "(null):
Unspecified error". Any other ideas? Show quote "Michael Harris" wrote: > Troy wrote: > > I am attempting to sign a script for the first time and receiving an > > error. > > I have installed a Code Signing certificate from my Enterprise Root > > CA in my personal certificate store ("My"). I am using a slightly > > modified version of the Script Center's "Sign a Script > > Programmatically.vbs" script, with the only differences being the > > file name, the path, and the name of the certificate. Everytime that > > I attempt to run the "Sign a Script Programmatically.vbs" script, I > > receive the following error: "(null): Unspecified error". > > > > The name of my code signing certificate is "Lastname, Troy" and I > > believe that the comma might be causing the problem as I successfully > > signed a script with a test account with no comma in the display > > name. Can anyone verify this and if so, is there a way around it? I > > have tried "Lastname\, Troy". > > > > Have you tried the *.wsf version from the WSH docs (saved as > ScriptSigner.wsf)? > > Run: ScriptSigner.wsf /file:"c:\path to\some.vbs" /cert:"Lastname, Troy" > > <job> > <runtime> > <named name="file" helpstring="the file to sign" required="true" > type="string"/> > <named name="cert" helpstring="the name of the signing certificate" > required="true" type="string"/> > <named name="store" helpstring="the name of the certificate store" > required="false" type="string"/> > </runtime> > <script language="vbscript"> > Dim Signer, File, Cert, Store > If Not (WScript.Arguments.Named.Exists("cert") And > WScript.Arguments.Named.Exists("file")) Then > WScript.Arguments.ShowUsage > WScript.Quit > End If > Set Signer = CreateObject("Scripting.Signer") > File = WScript.Arguments.Named("file") > Cert = WScript.Arguments.Named("cert") > If WScript.Arguments.Named.Exists("store") Then > Store = WScript.Arguments.Named("store") > Else > Store = "my" > End If > Signer.SignFile File, Cert, Store > </script> > </job> > > > > -- > Michael Harris > > > I just tried renaming my test account to "Test, Troy" exporting then deleting
the old certificate, and downloading a new one named "Test, Troy" and I was able to sign another file, so I think that my user profile might be corrupt. ??? Show quote "Michael Harris" wrote: > Troy wrote: > > I am attempting to sign a script for the first time and receiving an > > error. > > I have installed a Code Signing certificate from my Enterprise Root > > CA in my personal certificate store ("My"). I am using a slightly > > modified version of the Script Center's "Sign a Script > > Programmatically.vbs" script, with the only differences being the > > file name, the path, and the name of the certificate. Everytime that > > I attempt to run the "Sign a Script Programmatically.vbs" script, I > > receive the following error: "(null): Unspecified error". > > > > The name of my code signing certificate is "Lastname, Troy" and I > > believe that the comma might be causing the problem as I successfully > > signed a script with a test account with no comma in the display > > name. Can anyone verify this and if so, is there a way around it? I > > have tried "Lastname\, Troy". > > > > Have you tried the *.wsf version from the WSH docs (saved as > ScriptSigner.wsf)? > > Run: ScriptSigner.wsf /file:"c:\path to\some.vbs" /cert:"Lastname, Troy" > > <job> > <runtime> > <named name="file" helpstring="the file to sign" required="true" > type="string"/> > <named name="cert" helpstring="the name of the signing certificate" > required="true" type="string"/> > <named name="store" helpstring="the name of the certificate store" > required="false" type="string"/> > </runtime> > <script language="vbscript"> > Dim Signer, File, Cert, Store > If Not (WScript.Arguments.Named.Exists("cert") And > WScript.Arguments.Named.Exists("file")) Then > WScript.Arguments.ShowUsage > WScript.Quit > End If > Set Signer = CreateObject("Scripting.Signer") > File = WScript.Arguments.Named("file") > Cert = WScript.Arguments.Named("cert") > If WScript.Arguments.Named.Exists("store") Then > Store = WScript.Arguments.Named("store") > Else > Store = "my" > End If > Signer.SignFile File, Cert, Store > </script> > </job> > > > > -- > Michael Harris > > > Okay, I've got it figured out. Through testing, I found that the cause of
the unspecified error is that I had multiple certificates from the same CA in my personal certificate store (eg: Administrator and Code Signing). It didn't matter that they were different template types or what the friendly name was. When I exported the Administrator certificate and deleted it out of the Personal certificate store, where I only had the one Code Signing certificate from my Enterprise Root CA in my Personal certificate store, I was able to sign my script successfully. If anyone knows a way around this other than creating a v2 certificate to include the functionality of both templates (my CA is 2003 Std unfortunately), that would be awesome; otherwise, I can get by with this workaround. Thanks for your input Michael. Show quote "Troy" wrote: > I just tried renaming my test account to "Test, Troy" exporting then deleting > the old certificate, and downloading a new one named "Test, Troy" and I was > able to sign another file, so I think that my user profile might be corrupt. > ??? > > "Michael Harris" wrote: > > > Troy wrote: > > > I am attempting to sign a script for the first time and receiving an > > > error. > > > I have installed a Code Signing certificate from my Enterprise Root > > > CA in my personal certificate store ("My"). I am using a slightly > > > modified version of the Script Center's "Sign a Script > > > Programmatically.vbs" script, with the only differences being the > > > file name, the path, and the name of the certificate. Everytime that > > > I attempt to run the "Sign a Script Programmatically.vbs" script, I > > > receive the following error: "(null): Unspecified error". > > > > > > The name of my code signing certificate is "Lastname, Troy" and I > > > believe that the comma might be causing the problem as I successfully > > > signed a script with a test account with no comma in the display > > > name. Can anyone verify this and if so, is there a way around it? I > > > have tried "Lastname\, Troy". > > > > > > > Have you tried the *.wsf version from the WSH docs (saved as > > ScriptSigner.wsf)? > > > > Run: ScriptSigner.wsf /file:"c:\path to\some.vbs" /cert:"Lastname, Troy" > > > > <job> > > <runtime> > > <named name="file" helpstring="the file to sign" required="true" > > type="string"/> > > <named name="cert" helpstring="the name of the signing certificate" > > required="true" type="string"/> > > <named name="store" helpstring="the name of the certificate store" > > required="false" type="string"/> > > </runtime> > > <script language="vbscript"> > > Dim Signer, File, Cert, Store > > If Not (WScript.Arguments.Named.Exists("cert") And > > WScript.Arguments.Named.Exists("file")) Then > > WScript.Arguments.ShowUsage > > WScript.Quit > > End If > > Set Signer = CreateObject("Scripting.Signer") > > File = WScript.Arguments.Named("file") > > Cert = WScript.Arguments.Named("cert") > > If WScript.Arguments.Named.Exists("store") Then > > Store = WScript.Arguments.Named("store") > > Else > > Store = "my" > > End If > > Signer.SignFile File, Cert, Store > > </script> > > </job> > > > > > > > > -- > > Michael Harris > > > > > >  |
|||||||||||||||||||||||
Other interesting topics