Designating the algorithm in signing certificate

This forum can be browsed by the general public. Posting is limited to current SAPIEN license holders with active maintenance and does not offer a response time guarantee.
Forum rules
DO NOT POST LICENSE NUMBERS, ACTIVATION KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 6 years and 3 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
User avatar
CNation27
Posts: 3
Last visit: Sat Jan 27, 2018 4:37 pm

Designating the algorithm in signing certificate

Post by CNation27 »

To help you better we need some information from you.

*** Please fill in the fields below. If you leave fields empty or specify 'latest' rather than the actual version your answer will be delayed as we will be forced to ask you for this information. ***
Product, version and build: Powershell Studio 2017 5.4.145
version of product: x64
Operating system:
OS: x64
*** Please add details and screenshots as needed below. ***
I am trying to use the Output Settings on a project to automate signing the EXE output. It works, but the algorithm it uses is SHA1 and I do not know how to designate SHA256.

It's easy enough with Set-AuthenticodeSignature to designate the -HashAlgorithm. How do I do this in the Output Settings?

DO NOT POST SUBSCRIPTIONS, KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM
User avatar
davidc
Posts: 5913
Last visit: Mon Jul 08, 2019 8:55 am
Been upvoted: 2 times

Re: Designating the algorithm in signing certificate

Post by davidc »

I'm not sure what you mean by Output settings. Are you referring to the packager Post Build commands?
Packager - Pre Post Commands.png
Packager - Pre Post Commands.png (15.99 KiB) Viewed 2399 times
David
SAPIEN Technologies, Inc.
User avatar
davidc
Posts: 5913
Last visit: Mon Jul 08, 2019 8:55 am
Been upvoted: 2 times

Re: Designating the algorithm in signing certificate

Post by davidc »

If you want to use Set-AuthenticodeSignature instead of the built-in signing, you will have to call PowerShell.exe directly in a post build command:

powershell.exe -command "Set-AuthenticodeSignature -FilePath myscriptname.exe -HashAlgorithm SHA256"

According to Set-AuthenticodeSignature help documentation, PowerShell V2 uses SHA1 and a default and V3 and up use SHA256 as a default.
David
SAPIEN Technologies, Inc.
User avatar
davidc
Posts: 5913
Last visit: Mon Jul 08, 2019 8:55 am
Been upvoted: 2 times

Re: Designating the algorithm in signing certificate

Post by davidc »

FYI, in the next service release the default for the internal signing will be set to SHA256.
David
SAPIEN Technologies, Inc.
User avatar
CNation27
Posts: 3
Last visit: Sat Jan 27, 2018 4:37 pm

Re: Designating the algorithm in signing certificate

Post by CNation27 »

I am currently using Set-AuthenticodeSignature, i would like to do it at Build time so its not an extra step to do.

The OUTPUT SETTINGS tab on the same Build Settings screen you are showing...
User avatar
Alexander Riedel
Posts: 8479
Last visit: Thu Mar 28, 2024 9:29 am
Answers: 20
Been upvoted: 37 times

Re: Designating the algorithm in signing certificate

Post by Alexander Riedel »

If you use the command David showed you in the Post-build commands, this will happen at build time.
It does not require an extra step. Pre- and Post- build commands are designed to keep you from doing any custom steps manually.
Alexander Riedel
SAPIEN Technologies, Inc.
This topic is 6 years and 3 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.