To help you better we need some information from you.
*** Please fill in the fields below. If you leave fields empty or specify 'latest' rather than the actual version your answer will be delayed as we will be forced to ask you for this information. ***
Product, version and build: Powershell Studio 2018 5.5.150
32 or 64 bit version of product: x64
Operating system: Windows Server 2016
32 or 64 bit OS: x64
Signing of code uses only SHA1 for *.ps1, *.exe, *.psm1 files.
Powershell Version is v5.
The Signing and the Timestamp algorithm should follow the certificate or Powershell Version.
This Topic was adressed here to, but seems not to be fixed yet:
viewtopic.php?f=12&t=12176&p=65604&hilit=sha1#p65604
Codesigning only uses SHA1
Forum rules
DO NOT POST LICENSE NUMBERS, ACTIVATION KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
DO NOT POST LICENSE NUMBERS, ACTIVATION KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
Re: Codesigning only uses SHA1
Which signing process are you referring to? The script signing or the packager / MSI signing?
Also verify that your certificate supports SHA-256. If not, it might roll back to SHA-1.
Also verify that your certificate supports SHA-256. If not, it might roll back to SHA-1.
David
SAPIEN Technologies, Inc.
SAPIEN Technologies, Inc.
- brvzit-pss01
- Posts: 17
- Last visit: Fri Jan 19, 2024 12:08 am
Re: Codesigning only uses SHA1
Script signing. The certificate is SHA-256 and can be used with Set-AuthenticodeSignature and signtool.exe to sign with SHA-256.
Re: Codesigning only uses SHA1
We made some changes and are about a release a new build. Please test the signed after the new build is release.
David
SAPIEN Technologies, Inc.
SAPIEN Technologies, Inc.
Re: Codesigning only uses SHA1
The new service release is available. Please update to this build and see if there is a difference if you use the built-in signing.
David
SAPIEN Technologies, Inc.
SAPIEN Technologies, Inc.
- brvzit-pss01
- Posts: 17
- Last visit: Fri Jan 19, 2024 12:08 am
Re: Codesigning only uses SHA1
Updating to the new version 5.5.151 doesn't change the behavior. Cert is SHA256, sign-algorithm is SHA1.
Re: Codesigning only uses SHA1
Can you post a screenshot of your settings under Options->PowerShell?
If you don't want to post on the forum, you can upload up load it here:
https://www.sapien.com/support/upload
If you don't want to post on the forum, you can upload up load it here:
https://www.sapien.com/support/upload
David
SAPIEN Technologies, Inc.
SAPIEN Technologies, Inc.
- brvzit-pss01
- Posts: 17
- Last visit: Fri Jan 19, 2024 12:08 am
Re: Codesigning only uses SHA1
When I checked the algorithm of the signed files, they both displayed SHA256.
Note: I'm unable to test the certificate attached.
Note: I'm unable to test the certificate attached.
David
SAPIEN Technologies, Inc.
SAPIEN Technologies, Inc.
- brvzit-pss01
- Posts: 17
- Last visit: Fri Jan 19, 2024 12:08 am
Re: Codesigning only uses SHA1
How do you test that? - I'm using: "Windows explorer, rightclick, properties, Digital Signatures" the failing file shows "sha1" as Digest algorithm, like everything signed with PowershellStudio - and only the "self" signed shows "sha256"