Suppose I authenticode-sign a .exe or .dll [C# (.NET Framework 4.7.2)], which in turn calls third party DLLs that are NOT authenticode-signed. This should work by default in Windows, correct? I.e. no signing errors would be triggered when attempting to run this in production (assuming default Windows Server 2016 configuration)?
Have looked around SO and Google and have not been able to find a direct answer on this point. Any help would be greatly appreciated.
Yes this is correct, only the main executable has to be signed.