SignTool错误：访问被拒绝 [英] SignTool error: Access is denied

问题描述

我想authenti code签订安装Windows Server 2008 R2的x64与VS2010上一个新的code签名证书.NET应用程序，但SignTool保持与访问响应被拒绝：

I am trying to authenticode sign a .NET application with a new code signing certificate on Windows Server 2008 R2 x64 with VS2010 installed, but SignTool keeps responding with Access is denied:

SignTool.exe sign /v /a /sha1 <thumbprint> MyApplication.exe

The following certificate was selected:
    Issued to: <redacted>
    Issued by: VeriSign Class 3 Code Signing 2010 CA
    Expires:   Thu Jun 28 01:59:59 2012
    SHA1 hash: <thumbprint>

Done Adding Additional Store
SignTool Error: Access is denied.
SignTool Error: An error occurred while attempting to sign: MyApplication.exe

Number of files successfully Signed: 0
Number of warnings: 0
Number of errors: 1

证书安装到用户的个人存储和用户是本地管理员组的成员。我也尝试过使用签名.pfx文件，但一直得到同样的错误。禁用UAC提示显示没有任何效果。

The certificate is installed to the user's personal store and the user is member of the local Administrators group. I also tried signing using the .pfx file but kept getting the same error. Disabling the UAC prompt showed no effect either.

任何想法？

推荐答案

原因是私钥保护已启用，但除非运行命令提示符管理员，相应的应用程序请求访问受保护的项目。提示也没有出现。

The reason was that private key protection was enabled, but unless running the command prompt as Administrator, the corresponding "An application is requesting access to a protected Item." prompt did not appear.

要解决这个问题，我不得不删除证书和密钥，然后从.pfx文件重新导入，这个时候不选择强私钥保护选项。

To resolve the issue, I had to delete certificate and key, and then reimport it from the .pfx file, this time not selecting the strong private key protection option.

这篇关于SignTool错误：访问被拒绝的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！