The signature in MSI package does not contain a timestamp #2752
Labels
level/task
Subtask issue
module/install
qa_known
Issues that are already known by the QA team
type/bug
Bug issue
Comments
rafabailon
added
level/task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
In certificates check it has been found that the signature in MSI package does not contain a timestamp.
Details
When it comes to digital signatures, timestamping refers to the process of including an electronic timestamp in your signature to possibly extend the validity of the signing certificate.
Therefore, if a certificate includes a timestamp, it will validate the certificate by verifying the signature against the time it was signed, and not the time you are running the software. And if not and a certificate has expired, then not having a digital signature timestamp will essentially block the application from being used.
Steps to Reproduce
To reproduce the error you must follow the following steps:
MSI PackageDigiCert Certificate Utility for Windowsto review the certificateTasks
MSI PackageSignatureMSI PackageSignature has timestampThe text was updated successfully, but these errors were encountered: