SignTool error: ISignedCode :: Sign returned an error: 0x80092006

Question

SignTool error: ISignedCode :: Sign returned an error: 0x80092006

I am signing an EXE program with a certificate issued by a trusted CA. I am using signtool.exe from the Windows SDK v6.0a.

The certificate is located in the computer store and is located in the "Dating" folder.

My command line is:

sign /sm /n "My company" /d MyProductName /du http://my.url.com "C:\Setup\setup.exe"

When I run this command on the command line, it works fine. When I run this command in a batch process (called by a web service, so the user does not register when the command is executed), the following error occurs:

Number of errors: 1 Error SignTool: ISignedCode :: Sign returned an error: 0x80092006 No supplier was specified for the store or object.

Can anyone help with this?

+6

code-signing

Sebastien Jun 25 '09 at 19:47

source share

5 answers

oefe · Answer 1 · 2010-01-27T19:37:24+0000

The problem is that your service process cannot access your private key, which is stored in your account.

Log in to the account running the web service and import the private key into the key container. You can do this, for example, using the strong name tool (sn.exe) .NET :

 sn -i MyCertificate.pfx MyCodeSigningKey

Now change the script construct to use this key container:

 signtool sign /sm /a /v /csp "Microsoft Strong Cryptographic Provider" /kc MyCodeSigningKey <other parameters...>

/kc indicates the key container. /kc requires you to specify "CSP" (cryptographic service provider) with the /csp . The Microsoft Strong Cryptographic Provider is the default provider used by sn .

Ruben bartelink · Answer 2 · 2009-07-23T08:02:23+0000

I (now, only once) experienced the same condition (immediately after a successful call with the same parameters, except for another MSI file). Rerunning succeeded in executing the next execution of the build script. Also use as you

  / sm / d / du

Do not use

/ n

Also using

/ t

coder_2007 · Answer 3 · 2012-04-24T17:18:34+0000

To save time, I had this problem. It turned out that my certificate somehow messed up. After I deleted it from the certificate store and imported it again, the problem disappeared. I would suggest creating a PFX file around or copying it from the place where you know that it is not damaged.

Andreas Magnusson · Answer 4 · 2013-02-22T09:53:52+0000

I also had this problem. Still not quite sure what caused this, since I did not have time to find out. I found that the secret key was missing !?

I did what coder_2007 offers, and it worked for one full automatic build, but the next one would give the same error. So, something on my build server broke the private key after the full build (including several signed applications).

What I finally finished, immediately after importing, PFX switched to %allusersprofile%\Microsoft\Crypto\RSA\MachineKeys and wrote the last file for protection (the one that corresponds to the import time).

Silentblob · Answer 5 · 2016-11-17T22:09:49+0000

This can happen if your Windows password has changed after installing the certificate. Changing the password back to what it was will fix it. If you cannot do this, you will need to reinstall the certificate.

SignTool error: ISignedCode :: Sign returned an error: 0x80092006

More articles: