Do you have root cert auto updating enabled? Thanks, Brian Desmond br...@briandesmond.com
w - 312.625.1438 | c - 312.731.3132 From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Monday, April 16, 2012 11:02 AM To: NT System Admin Issues Subject: Re: code signing certificate ? OK, got past that hurdle. i was also able to successfully sign a script using SignTool. Just trying to figure out the process to verify the signature, getting this: SignTool Error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. But if I look at the path, it looks OK. Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com<mailto:> [cid:image001.jpg@01CD1BC7.FCC12290] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> From: Christopher Bodnar <christopher_bod...@glic.com<mailto:christopher_bod...@glic.com>> To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com<mailto:ntsysadmin@lyris.sunbelt-software.com>> Date: 04/16/2012 10:40 AM Subject: Re: code signing certificate ? ________________________________ Yes, and are great, but I'm not importing directly from the web site like he was able to. I've got the SPC and PVK files and now need to somehow import them into the certificate store. That is where I'm stuck. I've just found this link which seems to be promising: http://ellisweb.net/2008/08/signing-code-using-pvk-and-spc-files/ But isn't taking the password that I was given by our security guys. I'll have to check on that. Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com<mailto:> [cid:image001.jpg@01CD1BC7.FCC12290] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> From: Mack Bolan <mack.bola...@gmail.com<mailto:mack.bola...@gmail.com>> To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com<mailto:ntsysadmin@lyris.sunbelt-software.com>> Date: 04/16/2012 10:05 AM Subject: Re: code signing certificate ? ________________________________ Have you looked at Webster's instructions yet? Mack S. Bolan On Mon, Apr 16, 2012 at 8:58 AM, Christopher Bodnar <christopher_bod...@glic.com<mailto:christopher_bod...@glic.com>> wrote: OK, the Security team has now provided me the SPC file. What I'm looking for is how to install the certificate with these 2 files (SPC, and PVK). According to the information I've found online you should be able to do this: pvkimprt -import 1.spc myprivatekey.pvk Which will them launch a wizard, or you can export directly to the PFX file by using this: pvkimprt -PFX 1.spc myprivatekey.pvk ISDCert.pfx Neither seems to be working for me. I get this error: Command line option syntax error: I'm doing this from a W7 machine Thanks Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459<tel:610-807-6459> 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com<mailto:christopher_bod...@glic.com> [cid:image001.jpg@01CD1BC7.FCC12290] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> From: Lora Cates <lora.ca...@rocketmail.com<mailto:lora.ca...@rocketmail.com>> To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com<mailto:ntsysadmin@lyris.sunbelt-software.com>> Date: 04/16/2012 09:42 AM Subject: Re: code signing certificate ? ________________________________ I found this in the NTSys Archives: http://carlwebster.com/how-to-digitally-sign-a-microsoft-powershell-script-with-a-third-party-code-signing-certificate/ -lc ________________________________ From: Christopher Bodnar <christopher_bod...@glic.com<mailto:christopher_bod...@glic.com>> To: NT System Admin Issues <ntsysadmin@lyris.sunbelt-software.com<mailto:ntsysadmin@lyris.sunbelt-software.com>> Sent: Monday, April 16, 2012 8:21 AM Subject: code signing certificate ? All help is appreciated , have never done this before. We are going to start signing our scripts. I requested a code signing certificate from our Security group, we use Verisign. They handle all the Verisign certificates. They gave me back a *.PVK file. Shouldn't there also be a *SPC file as well? I've been looking at this for documentation on how to import the certificate: http://support.godaddy.com/help/5087 Wanted to verify this first, before I go back to our Security group. Thanks Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459<tel:610-807-6459> 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com<mailto:christopher_bod...@glic.com> The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
<<inline: image001.jpg>>