Search code examples
pfxsigntool

Why I get "The specified PFX password is not correct" when trying to sign application with signtool?

I followed this link to sign my exe application.

  • I installed SDK tool on Windows 7,

  • run C:\Program Files\Microsoft SDKs\Windows\v6.1\Bin>makecert.exe -sv App-O.pvk -n "CN=MY DIGITAL KEY" App-O.cer

Dialog opened to provide password:

enter image description here

I wrote password : 'fess'

new window opened:

enter image description here

I entered: 'fess'

#Succeeded

files App-O.cer and App-O.pvk creaded.

now I generate pfx:

pvk2pfx.exe -pvk App-O.pvk -spc App-O.cer -pfx App-O.pfx

Dialog opened to provide password:

enter image description here

i pasted 'fess'

file pfx created.

Now i run signtool:

 C:\Program Files\Microsoft SDKs\Windows\v6.1\Bin>signtool.exe sign /f "App-O.pfx" /p fess "C:\Output\setup.exe"

Here I got the error:

SignTool Error: The specified PFX password is not correct.

Number of files successfully Signed: 0
Number of warnings: 0
Number of errors: 1

What did I miss?

BTW, the same error I get from CMD shell of Windows SDK.

Thanks,

Solution

  • There are a couple of problems.

    First of all you are using self-signed certificate, so you should define it explicitly by adding -r key to makecert command or you'll get an error "The signer's certificate is not valid for signing" at sign step.

    Next, at this step

    signtool.exe sign /f "App-O.pfx" /p fess "C:\Output\setup.exe"

    you are trying to open pfx using password "fess". But you actually didn't set any password for pfx file. To do it you should add -po key to pfx creation command.

    After that you can sign your application.

    So the correct process will be:

    makecert.exe -sv App-O.pvk -n "CN=MY DIGITAL KEY" App-O.cer -r

pvk2pfx.exe -pvk App-O.pvk -spc App-O.cer -pfx App-O.pfx -po fess

signtool.exe sign /f "App-O.pfx" /p fess "C:\Output\setup.exe"

    Here is some useful links: