I received a VeriSign signing certificate a few months ago to use for signing a remote XUL/JavaScript application. I experienced the same problem you did and with the help of Bill Burns, a security specialist at my company, tracked it down to a missing intermediate certificate, which Bill then obtained and provided to me. I've cc:ed him on this email. Bill, what should someone do in this situation to obtain the missing intermediate certificate?

-myk


Mike Smithwick wrote:

I have spent quite some time trying to figure out this signing biz,
but it seems like the signtool docs are still stuck in Netscape 4 land
and so are nearly useless.

We were given a "p12" file from our CA. I assume that is by definition
the certificate. The docs mention exporting a p12 file, but never
importing one, yet the Mozilla cert manager only permits importing a
file. So I tried that, and our cert appeared in the list. From the
docs it appeared as if Signtool then uses the two db files to get the
info it needs: cert7.db and key3.db which I moved over to the
directory that has my projects. (Pointing signtool to the original
directory with the db files caused it to crash, probably the directory
name was too long and overflowed some buffer).

Now I type in "signtool -l", and it both shows our certificate and the
line "Error++ Unable to find issuer in certificate". I assume that
means it cannot find a legal Verisign cert, but when I do a -L I
clearly see that certificate as listed.

I can create a temporary internal certificate and it works fine.

What gives?



