Upgraded from Powershell Studio 2020 to 2021:
Product: PowerShell Studio 2021 (64 Bit)
Build: v5.8.188
OS: Windows 10 Enterprise (64 Bit)
Build: v10.0.18363.0
File->Options->Powershell-> Certificate in Local Store - click button to "Open your Certificate Store to view installed certificates"
Get this message:
"Windows Security
Powershell Studio.exe
No certificate available
No certificates meet the application criteria.
Click ok to continue"
Click OK - nothing happens.
This was working immediately before I updated from 2020 to 2021. Nothing changed other than that update. I validate the cert is in the same place. mmc shows cert still exists and is valid for another year.
Did the "application criteria" or location where the certs need to be installed change?
Please help.
Code Signing Cert not selectable after upgrade
Forum rules
DO NOT POST LICENSE NUMBERS, ACTIVATION KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
DO NOT POST LICENSE NUMBERS, ACTIVATION KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
- EnergySmithe
- Posts: 12
- Last visit: Thu Sep 14, 2023 6:35 am
Code Signing Cert not selectable after upgrade
- Attachments
-
- No Cert Available
- sapienpowerstudio2021cert.png (11.24 KiB) Viewed 5618 times
- EnergySmithe
- Posts: 12
- Last visit: Thu Sep 14, 2023 6:35 am
Re: Code Signing Cert not selectable after upgrade
Ok - Fine.
1) Removed existing code signing certs from everywhere (Localhost and the user)
2) Got new brand new code signing cert issued and installed for the user only
3) Cert now appears and can be selected
4) Attempt to Deploy Package to EXE and get "Signing with certificate failed : ASN1 bad tag value met."
5) Try using the old cert to sign in Visual Studio 2019. Works
6) Try using the new cert to sign in Visual Studio 2019. Works
7) Try manually signing using the new cert with powershell after compiling:
... That WORKS. Try re-selecting the new cert in the package manager signing section, save and package. Fails with "ASN1 bad tag value met."
I guess I have a workaround, but I would really like to know what options your passing to get the "ASN1 bad tag value met" for BOTH the old and new certs.
1) Removed existing code signing certs from everywhere (Localhost and the user)
2) Got new brand new code signing cert issued and installed for the user only
3) Cert now appears and can be selected
4) Attempt to Deploy Package to EXE and get "Signing with certificate failed : ASN1 bad tag value met."
5) Try using the old cert to sign in Visual Studio 2019. Works
6) Try using the new cert to sign in Visual Studio 2019. Works
7) Try manually signing using the new cert with powershell after compiling:
Code: Select all
Set-AuthenticodeSignature -FilePath .\bin\x64\mytest.exe -Certificate (Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert) -TimestampServer "http://timestamp.globalsign.com/scripts/timstamp.dll/?signature=sha2"
I guess I have a workaround, but I would really like to know what options your passing to get the "ASN1 bad tag value met" for BOTH the old and new certs.
Re: Code Signing Cert not selectable after upgrade
From your original post, that appears to be a Windows error about what certificates are appearing available in your certificate store.
Certificate store is a Windows dialog, it is not something we have control over. The following links might be helpful:
https://docs.microsoft.com/en-us/answer ... teria.html
https://social.msdn.microsoft.com/Forum ... pps&ppud=4
As for your second post, are you able to sign a script from PowerShell Studio? Does this error only happen when packaging?
Certificate store is a Windows dialog, it is not something we have control over. The following links might be helpful:
https://docs.microsoft.com/en-us/answer ... teria.html
https://social.msdn.microsoft.com/Forum ... pps&ppud=4
As for your second post, are you able to sign a script from PowerShell Studio? Does this error only happen when packaging?
Brittney
SAPIEN Technologies, Inc.
SAPIEN Technologies, Inc.
- Alexander Riedel
- Posts: 8479
- Last visit: Thu Mar 28, 2024 9:29 am
- Been upvoted: 37 times
Re: Code Signing Cert not selectable after upgrade
The "ASN1 bad tag value met." error is usually caused by the time stamp server. Select a different time stamp server url.
Alexander Riedel
SAPIEN Technologies, Inc.
SAPIEN Technologies, Inc.
- EnergySmithe
- Posts: 12
- Last visit: Thu Sep 14, 2023 6:35 am
Re: Code Signing Cert not selectable after upgrade
BrittneyR - I could not sign anything - powershell scripts or generated executables - using Sapien Powershell Studio 2021. However - in testing this morning, I think Alexander Riedel is correct - If I remove the timestamp URL completely then I am able to sign things. As soon as I select any of them, it fails with the "ASN1 bad tag value met.". The security context I run powershell studio from does not have internet access. I am guessing that is the problem.
Thank you Both
Thank you Both
- Alexander Riedel
- Posts: 8479
- Last visit: Thu Mar 28, 2024 9:29 am
- Been upvoted: 37 times
Re: Code Signing Cert not selectable after upgrade
Yeah that would do it. Before you simply omit the time stamp, please refer to this:
https://www.sapien.com/blog/2021/04/05/ ... -a-script/
https://www.sapien.com/blog/2021/04/05/ ... -a-script/
Alexander Riedel
SAPIEN Technologies, Inc.
SAPIEN Technologies, Inc.