Search code examples
code-signingpost-build-eventsigntool

SignTool error : The specified timestamp server either could not be reached

We have a post build event command to perform code signing. Recently getting the below errors.

Post-Build cmd: 
$(SignToolPath)BuildScripts\SignTool\signtool.exe sign /f $(SignToolPath)BuildScripts\codesign.pfx /p $(CodeSigningPassword) /t http://timestamp.verisign.com/scripts/timstamp.dll /n AP /i "Symantec Class 3 SHA256 Code Signing CA" $(TargetPath)

SignTool error : The specified timestamp server either could not be reached.
/t http://timestamp.verisign.com/scripts/timstamp.dll

Previously this issue not seen.

So how could i try one more time to do code signing in Post-Build event commands based on errors or error codes? or any suggestions to perform code signing if any error occurred?

Solution

  • Used batch script to perform the signing operation & added retry signing based on "ERRORLEVEL" value.

    @echo off
setlocal enabledelayedexpansion
Set SigningToolPath=%1
Set CodesigningCertsPath=%2
Set SigningPassword=%3
Set TargetProjPath=%4

IF EXIST "%TargetProjPath%" (
    call :SignFile "%SigningToolPath%", "%CodesigningCertsPath%", %SigningPassword%, "%TargetProjPath%", 0
    IF !ERRORLEVEL! NEQ 0 (
        goto end
    )
)
:end
exit /b %ERRORLEVEL%

:SignFile
set "signToolPath=%~1"
set "certPath=%~2"
set "pass=%~3"
set "projFilePath=%~4"
set attempt=%~5
set /a attempt=%attempt%+1

echo.
echo ---signing %TargetProjPath% attempt %attempt%---
"%signToolPath%" sign /f "%certPath%" /p %pass% /fd sha256 /t http://timestamp.digicert.com "%projFilePath%"

IF %ERRORLEVEL% NEQ 0 (
    IF %attempt% LSS 2 (
        call :SignFile "%signToolPath%", "%certPath%", %pass%, "%projFilePath%", %attempt%
    )
)
exit /b %ERRORLEVEL%

    and invoke this batch file from MSBuild script like "$(WorkDirectory)\BuildScripts\SupportFiles\CodeSigningCertificates\signing.bat" "$(SigningToolPath)" "$(CodesigningCertsPath)" "$(SigningPassword)" "$(TargetProjPath)"