I am getting the following error. Any ideas where to start digging?
The mentioned certificate was imported from Windows Cert Store, has a private key and the signing algorithm of the cert is “sha256RSA”
Hi Olaf,
Could you confirm which certificate store the certificate is located in? Is it located in a user store or system store?
Our initial thought was that this may be a permissions issue but, from the error message, we can see that Signotaur already has the private key. The error occurs while signing the digest.
One possibility is that your certificate provider requires a different signature padding scheme than the one currently being used. To help us investigate further, could you run the following command to retrieve detailed information about your certificate?
certutil -v -store storename
Please send the output to us, either via a direct message here, or by email to support at finalbuilder.com.
1 Like
Thanks for your help, as already communicated via email, I found the error.
The certificate originates from a SafeNet token, which was then imported to the Windows store.
Signotaur detected and selected that certificate in the store, but cannot access the private key, which remains on the token.
As stated in the docs, you have to access the certificate via „Library“ - which I missed. It now works and signs perfectly.
2 Likes