"No signature was present in the subject" error when signing code

Question

I have run into a similar problem to the on encountered here: How to sign code (.EXE file) with a .SPC or .PEM file from GoDaddy (using Ubuntu)?

I have used both the MONO signcode tool (https://developer.mozilla.org/en-US/docs/Signing_an_executable_with_Authenticode) and osslsigncode (http://sourceforge.net/projects/osslsigncode/files/osslsigncode/) and the executables show a digital certificate present signed with "Go Daddy Class 2 Certification Authority". When I view the certificate details it says "No signature was present in the subject" I have tried with the timestamp server and without the timestamp server and there is no difference. I am running the code on Ubuntu Precise and testing on Windows 7.

Suggestions?

Answer 1

I'm experiencing this same issue with a renewed GoDaddy cert.

I'm on Debian v8 / signing a windows EXE. It's a part of a deploy/publish step.

Using the SPC file from last year, it worked well. With both osslsigncode and Mono's signcode.

Now I get security warnings w/ the "No signature was present in the subject"

To FIX

I re-submitted my original CSR, and after receiving the re-re-issued cert I was able to successfully sign using osslsigncode.

Tested with osslsigncode verify <exe-name>

Answer 2

I ended up getting this to work by using the -pkcs12 <pkcs12 file> argument instead of the -cert <certificate file> and -key <key file> arguments. The .pfx file I used was generated from the exact same .spc and .pvk files I was supplying to osslsigncode, but for whatever reason, it worked while they didn't.

Answer 3

The error message "No signature was present in the subject" can be caused by a mismatch between the private key used for signing and the public key in the certificate.