Uploaded image for project: 'Copy Handler'
  1. Copy Handler
  2. CH-263

Copy Handler is being signed with SHA1 instead of SHA256

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.40, 1.41
    • Fix Version/s: 1.42
    • Component/s: installer
    • Labels:
      None

      Description

      Currently Copy Handler is signed with default settings of signtool executable, defaulting to SHA1 signature.
      However Microsoft has updated the Authenticode rules in a way that SHA1 signatures with newer timestamps are considered invalid (appears in IE and Edge as corrupted signature) and starting with 1st of Jan 2017, it will be treated as if there is no signature at all.

      It seems the following article has some more information and the possible solution:
      http://support.ksoftware.net/support/solutions/articles/215805-the-truth-about-sha1-sha-256-and-code-signing-certificates-

        Attachments

          Activity

            People

            • Assignee:
              admin ixen
              Reporter:
              admin ixen
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 hours
                2h