Skip to content

Windows 10 update sign verification error #1641

New issue
New issue
Closed
qcif/data-curator
#563
Closed
Windows 10 update sign verification error#1641
qcif/data-curator
#563
Labels
bugelectron-updaterwindows
@brandonhilkert

Description

@brandonhilkert
brandonhilkert
opened on Jun 10, 2017
  • Version: 18.6.2
  • Updater: 2.1.2
  • Target: Windows 10

I'm having trouble getting the code verification to pass on a Windows 10 update. Any insight would be super helpful. I tried to run the same command in a PS and it looks like it's valid and has the same thumbprint as the running program. Is there something else I can check to understand why this might be happening?

I'm using the following script to release:

WIN_CSC_LINK=./.bark-electron-win.p12 CSC_LINK=./.bark-electron.p12 build -mw --x64 --ia32 --em.main=build/main.js --publish always

[2017-06-09 17:09:09:0931] [info] Sign verification failed, installer signed with incorrect certificate: {
  "SignerCertificate": {
    "FriendlyName": "",
    "IssuerName": {
      "Name": "CN=DigiCert SHA2 High Assurance Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
      "Oid": "System.Security.Cryptography.Oid"
    },
    "NotAfter": "/Date(1528372800000)/",
    "NotBefore": "/Date(1496361600000)/",
    "PrivateKey": null,
    "PublicKey": {
      "Key": "System.Security.Cryptography.RSACryptoServiceProvider",
      "Oid": "System.Security.Cryptography.Oid",
      "EncodedKeyValue": "System.Security.Cryptography.AsnEncodedData",
      "EncodedParameters": "System.Security.Cryptography.AsnEncodedData"
    },
    "SerialNumber": "05675754F4B0E04A8123129B44A65D92",
    "SubjectName": {
      "Name": "CN=\"Bark Technologies, Inc\", O=\"Bark Technologies, Inc\", L=Richmond Hill, S=Georgia, C=US",
      "Oid": "System.Security.Cryptography.Oid"
    },
    "SignatureAlgorithm": {
      "Value": "1.2.840.113549.1.1.11",
      "FriendlyName": "sha256RSA"
    },
    "Thumbprint": "BC5BF06603F25DBFAF1DAD0A697D691043355171",
    "Version": 3,
    "Issuer": "CN=DigiCert SHA2 High Assurance Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
    "Subject": "CN=\"Bark Technologies, Inc\", O=\"Bark Technologies, Inc\", L=Richmond Hill, S=Georgia, C=US"
  },
  "TimeStamperCertificate": null,
  "Status": 0,
  "StatusMessage": "Signature verified."
}
[2017-06-09 17:09:09:0946] [error] Error: Error: New version 1.0.4 is not signed by the application owner: {
  "SignerCertificate": {
    "FriendlyName": "",
    "IssuerName": {
      "Name": "CN=DigiCert SHA2 High Assurance Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
      "Oid": "System.Security.Cryptography.Oid"
    },
    "NotAfter": "/Date(1528372800000)/",
    "NotBefore": "/Date(1496361600000)/",
    "PrivateKey": null,
    "PublicKey": {
      "Key": "System.Security.Cryptography.RSACryptoServiceProvider",
      "Oid": "System.Security.Cryptography.Oid",
      "EncodedKeyValue": "System.Security.Cryptography.AsnEncodedData",
      "EncodedParameters": "System.Security.Cryptography.AsnEncodedData"
    },
    "SerialNumber": "05675754F4B0E04A8123129B44A65D92",
    "SubjectName": {
      "Name": "CN=\"Bark Technologies, Inc\", O=\"Bark Technologies, Inc\", L=Richmond Hill, S=Georgia, C=US",
      "Oid": "System.Security.Cryptography.Oid"
    },
    "SignatureAlgorithm": {
      "Value": "1.2.840.113549.1.1.11",
      "FriendlyName": "sha256RSA"
    },
    "Thumbprint": "BC5BF06603F25DBFAF1DAD0A697D691043355171",
    "Version": 3,
    "Issuer": "CN=DigiCert SHA2 High Assurance Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
    "Subject": "CN=\"Bark Technologies, Inc\", O=\"Bark Technologies, Inc\", L=Richmond Hill, S=Georgia, C=US"
  },
  "TimeStamperCertificate": null,
  "Status": 0,
  "StatusMessage": "Signature verified."
}
    at C:\Users\Brandon\AppData\Local\Programs\Bark\resources\app.asar\node_modules\electron-updater\src\NsisUpdater.ts:65:15
    at Generator.next (<anonymous>)
    at FSReqWrap.CB [as oncomplete] (C:\Users\Brandon\AppData\Local\Programs\Bark\resources\app.asar\node_modules\fs-extra-p\node_modules\fs-extra\lib\remove\rimraf.js:57:5)
From previous event:
    at NsisUpdater.doDownloadUpdate (C:\Users\Brandon\AppData\Local\Programs\Bark\resources\app.asar\node_modules\electron-updater\out\NsisUpdater.js:120:11)
    at C:\Users\Brandon\AppData\Local\Programs\Bark\resources\app.asar\node_modules\electron-updater\src\AppUpdater.ts:246:25
    at Generator.next (<anonymous>)
From previous event:
    at NsisUpdater.downloadUpdate (C:\Users\Brandon\AppData\Local\Programs\Bark\resources\app.asar\node_modules\electron-updater\out\AppUpdater.js:289:11)
    at Immediate.setImmediate (C:\Users\Brandon\AppData\Local\Programs\Bark\resources\app.asar\build\main.js:52:23)
    at runCallback (timers.js:651:20)
    at tryOnImmediate (timers.js:624:5)
    at processImmediate [as _immediateCallback] (timers.js:596:5)

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugelectron-updaterwindows

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions