我在装有 .NET 1.1 的 Windows XP Professional 机器上安装了 signtool.exe。属性对话框中显示的版本为 5.2.3790.2568。
我还在同一台机器上安装了带有 OpenSSH 的 Cygwin。无论如何,当我在本地运行该工具时 - 一切正常,请观察:
D:\WORK\workspace>type 1.cmd
d:\work\workspace\VE\CodeSign\signtool.exe sign /f d:\work\workspace\VE\CodeSign\Shunra.pfx /p "shunrail" /t http://timestamp.verisign.com/scripts/tim
stamp.dll /du "www.shunra.com" /v "d:\work\workspace\VE\ShunraInstallationServices\lib\net\Release\ShunraInstallationServices.dll"
D:\WORK\workspace>1.cmd
D:\WORK\workspace>d:\work\workspace\VE\CodeSign\signtool.exe sign /f d:\work\workspace\VE\CodeSign\Shunra.pfx /p "shunrail" /t http://timestamp.verisi
gn.com/scripts/timstamp.dll /du "www.shunra.com" /v "d:\work\workspace\VE\ShunraInstallationServices\lib\net\Release\ShunraInstallationServices.dll"
The following certificate was selected:
Issued to: Shunra Software Ltd.
Issued by: VeriSign Class 3 Code Signing 2009-2 CA
Expires: 6/3/2013 1:59:59
SHA1 hash: DE4A79909D95FCFB16DA8BFE4251C5FC88659FFA
Done Adding Additional Store
Attempting to sign: d:\work\workspace\VE\ShunraInstallationServices\lib\net\Release\ShunraInstallationServices.dll
Successfully signed and timestamped: d:\work\workspace\VE\ShunraInstallationServices\lib\net\Release\ShunraInstallationServices.dll
Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
D:\WORK\workspace>
现在,我尝试通过 SSH 从另一台机器运行相同的命令。观察:
markk@Dev-Builder /cygdrive/d
$ ssh builder@vm-builder /cygdrive/c/WINDOWS/system32/cmd.exe /c d:\\\\WORK\\\\workspace\\\\1.cmd
C:\cygwin\home\builder>d:\work\workspace\VE\CodeSign\signtool.exe sign /f d:\work\workspace\VE\CodeSign\Shunra.pfx /p "s
hunrail" /t http://timestamp.verisign.com/scripts/timstamp.dll /du "www.shunra.com" /v "d:\work\workspace\VE\ShunraInsta
llationServices\lib\net\Release\ShunraInstallationServices.dll"
Number of files successfully Signed: 0
Number of warnings: 0
Number of errors: 1
SignTool Error: IStore2::Load returned error: 0x80090345
The requested operation requires delegation to be enabled on the machine.
SignTool Error: An error occurred while attempting to load the signing
certificate from: d:\work\workspace\VE\CodeSign\Shunra.pfx
markk@Dev-Builder /cygdrive/d
$
两种情况下使用的用户是相同的。事实上,在第一台机器上:
D:\WORK\workspace>echo %USERNAME% %USERDOMAIN%
builder SHUNRANET
D:\WORK\workspace>c:\utils\PsLoggedon.exe
PsLoggedon v1.34 - See who's logged on
Copyright (C) 2000-2010 Mark Russinovich
Sysinternals - www.sysinternals.com
Users logged on locally:
11/21/2011 4:53:01 SHUNRANET\builder
No one is logged on via resource shares.
D:\WORK\workspace>
现在在第二台机器上通过 SSH 执行相同的命令:
markk@Dev-Builder /cygdrive/d
$ ssh builder@vm-builder /cygdrive/c/WINDOWS/system32/cmd.exe /c echo %USERNAME% %USERDOMAIN%
builder SHUNRANET
markk@Dev-Builder /cygdrive/d
$ ssh builder@vm-builder /cygdrive/c/utils/PsLoggedon.exe
Users logged on locally:
11/21/2011 4:53:01 SHUNRANET\builder
No one is logged on via resource shares.
PsLoggedon v1.34 - See who's logged on
Copyright (C) 2000-2010 Mark Russinovich
Sysinternals - www.sysinternals.com
markk@Dev-Builder /cygdrive/d
$
这是怎么回事?
编辑
我已将 pause
命令插入到 1.cmd 批处理文件中,这允许我在 Process Explorer 中打开相应 cmd.exe 进程的属性对话框。本地运行的 cmd.exe 的“安全”选项卡讲述的故事与通过 SSH 远程运行的 cmd.exe 讲述的故事不同。
本地运行的 cmd.exe 的“安全”选项卡(我必须连接权限值,因为 UI 不允许调整窗口那部分的大小):
现在 cmd.exe 的相同对话框从另一台机器通过 SSH 运行:
最佳答案
我找到了帖子 Re: Cygwin ssh session privileges differ from console privileges? ,其中指出:
The bottom line is, if you need all the user's access rights use password authentication
事实上,在我更改目标机器上的 ssh 配置以询问用户密码后,signtool.exe 成功了。
关于windows - 如何修复 "an error occurred while attempting to load the signing certificate from"PFX 文件?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/8591136/