当我从atlassian Bamboo运行时,signtool无法签署安装程序

 

我试图自动化来自Bamboo的代码签名以实现内部安全措施。

签署命令: 

signtool.exe sign /v /debug /f "hostnameCert$Cerfile.pfx" /p "password" /d "Company name" /t "http://timestamp.verisign.com/scripts/timstamp.dll" "c:testinstaller.msi"

我正在使用我们IT部门的内部生成的证书,该证书的格式为.pfx。

验证: 

signtool verify /pa "c:testinstaller.msi"

如果我从本地计算机(与竹服务用户相同的用户)运行命令窗口,那么这两个命令都可以很好地工作。 当我将Atlassian Bamboo作为脚本任务运行时,它失败。

它停在“完成添加附加商店”。 此后没有错误或成功消息。

最终在下面打印一个成功的签名,这是在我从本地主机运行时出现的。 

.........
Done Adding Additional Store
Successfully signed: c:testinstaller.msi

Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0

这是我看到如果我从Bamboo运行相同的命令。 

build   20-Jan-2017 08:05:07    The following certificates were considered:
build   20-Jan-2017 08:05:07        Issued to: RnD Software Engineering
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <....>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <...........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <...........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued to: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued to: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    After EKU filter, 3 certs were left.
build   20-Jan-2017 08:05:07    After expiry filter, 3 certs were left.
build   20-Jan-2017 08:05:07    After Private Key filter, 1 certs were left.
build   20-Jan-2017 08:05:07    The following certificate was selected:
build   20-Jan-2017 08:05:07        Issued to: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    The following additional certificates will be attached:
build   20-Jan-2017 08:05:07        Issued to: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Issued by: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        Expires:   <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07        SHA1 hash: <........>
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    
build   20-Jan-2017 08:05:07    Done Adding Additional Store

验证日志 

build   20-Jan-2017 08:05:07    File: c:abcinstaller.msi
build   20-Jan-2017 08:05:07    Index  Algorithm  Timestamp    
build   20-Jan-2017 08:05:07    ========================================
build   20-Jan-2017 08:05:08    
build   20-Jan-2017 08:05:08    Number of errors: 1
error   20-Jan-2017 08:05:08    SignTool Error: No signature found.

任何帮助是极大的赞赏。

我能够使用不同的时间戳服务器解决问题。 以下命令从Bamboo内联脚本任务开始工作。 

signtool.exe sign /v /debug /f "hostnameCert$Cerfile.pfx" /p "password" /d "Company name" /tr "http://sha1timestamp.ws.symantec.com/sha1/timestamp" "c:testinstaller.msi"
链接地址: http://www.djcxy.com/p/87267.html

上一篇: signtool fails to sign installer when i am running from atlassian Bamboo

下一篇: Atlassian Bamboo command tasks not running correctly