My problem was solved. The pfx is not imported with the private key properly. Now the leaf tells that it has a private key. So the problem is with the pfx file.
Jenkins fails in signtool.exe
Question
I am using signtool.exe to sing my msi output through a proj file in Jenkins. My command to sign the msi is, "C:\Program Files\Microsoft SDKs\Windows\v6.1\Bin\signtool.exe" sign /f "C:\Build\SignCertificate.cer" /csp "Microsoft Enhanced Cryptographic Provider v1.0" /k privatekeycontainer /t "http://timestamp.verisign.com/scripts/timstamp.dll" "..\Release\output.msi" . The pfx file is added in certificate store.
Whenever i execute it through command prompt it get pass and the msi get signed. But if i try through Jenkins then it fails. Please help me what is wrong.
Solution 3
OTHER TIPS
Import sertificate to Machine Store instead of User store. Steps described here http://www.dartmouth.edu/~deploypki/materials/web_authn/pages/IISonXP_AddingTrustedCACertToComputer.htm
Try these steps:
- Create a user 'Jenkins' as and Administrators group member
- Run the Jenkins service as the user 'Jenkins'
- log in as Jenkins user and install the certificate in the user store.
- Run it through Jenkins
Also, take a look at this link which is very similar to your question: SignTool Error: ISignedCode::Sign returned error: 0x80092006