I need Google Certificate Fingerprint to get an AuthO client ID for android. I used keytool -keystore path-to-debug-or-production-keystore -list -v
I used "keytool -keystore path-to-debug-or-production-keystore -list -v "
and i got: "The operation couldn’t be completed. Unable to locate a Java Runtime.
Please visit http://www.java.com for information on installing Java."
and also i tried with "expo credentials:manager -p android"
and i got:
Generate new keystore
The operation couldn’t be completed. Unable to locate a Java Runtime.
Please visit http://www.java.com for information on installing Java.
Failed to generate Android Keystore, it will be generated on Expo servers during the build
Error: keytool exited with non-zero code: 1
at ChildProcess.completionListener (/usr/local/lib/node_modules/expo-cli/node_modules/#expo/spawn-async/src/spawnAsync.ts:65:13)
I get errors while building your first network
I was able to run this command ./byfn.sh generate and can see peers and orderer generated.
With the command ./byfn.sh up I get the following error:
ERROR: SSL error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661) ERROR !!!! Unable to start network.
While using signtool for code signing on our buildserver jenkins shows the following error message:
Done Adding Additional Store
Error information: "Error: SignerSign() failed." (-2147023673/0x800704c7)
SignTool Error: An unexpected internal error has occurred.
We use an EV code sign certificate on a USB token. All tools are the latest ones available actually.
Any ideas?
It is not a problem at all using the same build task and running it manually on the same machine (as the user mentioned below) that jenkins is running on, and the same environment / directory.
The Jenkins service runs on a Windows 10 pro VM as a simple user with admin rights (not as Local System).
For more details see this excerpt from the Jenkins log:
Signiere FlinkySchule.FormularEditor.exe:
Verbindung zu Token auf- bzw. abbauen
***** code signing *****
Aktueller Pfad des signtool:
c:\JW\FS\Production\Deployment\Tools\signtool\kits
Zu signierende Datei:
c:\JW\FS\Production\Application\Assemblies\FlinkySchule.FormularEditor\bin\Release\\FlinkySchule.FormularEditor.exe
The following certificate was selected:
Issued to: Dirk W.
Issued by: GlobalSign CodeSigning CA - SHA256 - G3
Expires: Fri Apr 03 15:58:51 2020
SHA1 hash: 4187Cxyxyxyxyxyxyxyxyxyxyx7978C4
Done Adding Additional Store
EXEC : error information: "Error: SignerSign() failed." (2147023673/0x800704c7) [c:\JW\FS\Production\Application\Assemblies\FlinkySchule.FormularEditor\FlinkySchule.FormularEditor.csproj]
EXEC : SignTool error : An unexpected internal error has occurred. [c:\JW\FS\Production\Application\Assemblies\FlinkySchule.FormularEditor\FlinkySchule.FormularEditor.csproj]
One issue was the over all path length:
Even in the year 2017 you will run into the 260 characters path length restriction. Annoying! But we solved this and the error still occurs sometimes.
EV codesign with Jenkins using an eToken
Found a solution using jsign
java -jar jsign-2.0.jar --keystore .\eToken.cfg --alias %yourCertAlias% --storetype PKCS11 --tsaurl http://rfc3161timestamp.globalsign.com/advanced --tsmode RFC3161 --storepass %tokenPassword% %file2sign%
eToken.cfg:
name=eToken
library=c:\WINDOWS\system32\eTPKCS11.dll
Get the certificates alias using java keytool
keytool -list -keystore NONE -storetype PKCS11 -providerclass sun.security.pkcs11.SunPKCS11 -providerArg eToken.cfg
This should output something like
Keystore-Typ: PKCS11
Keystore-Provider: SunPKCS11-eToken
Keystore enthält 1 Eintrag
te-318f471f-9a0e-4101-bf45-96a656cc2306, PrivateKeyEntry,
Zertifikat-Fingerprint (SHA1):
41:87:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:X:XX:XX:XX:XX:79:78:C4
Maybe there are some more entries in the store. To find the right have look at your certifcate's fingerprint. The alias you need for jsign's alias parameter is the string in the example that starts with "te-318f4...."
Need more detailed help about this part? Please have a look at Trustzone.
Please let me know if you are interested in knowing how we do an automated build process on a separate build machine using only one eToken USB device.
I ran into this problem as well. I was able to duplicate error outside of Jenkins by running Signtool.exe, but when the prompt appeared for the token password, click cancel. You'll get the same error.
I have a C program which watches for the Symantec prompt and automatically enters the toke password. But Jenkins clearly wasn't running Signtool.exe in the same context as my password helper program. So I then edited my program which runs Signtool.exe to run the password helper program as well. It was still no good. Then I realized that maybe the problem how Jenkins is being run on the node. I had the Jenkins node running a service. Once I stopped the service, and connected by running the java command directly on the command line, it worked!
So now I know, if I'm going to run signtool on a Windows node, make sure the node is connected by running on the command line (via scheduled task), not a service. This changes the context Jenkins is run under which allows SignTool and the Token Prompt to play nice.
I had the same issue and solved it by installing the latest Windows 10 SDK, i.e. 10.0.15063.0
I omitted the countersignature :
/tr http://tsa.starfieldtech.com
I had to specify which certificate should be used for signing
/n "My Certificate Name"
Edit: Sorry my error code was different but google brought me here, so still might be helpful.
(-2146435071/0x80100001)
I am trying to sign my application using the -n option on Squirrel.exe from Octopus deploy.ps1 script I keep getting the following error:
System.AggregateException: One or more errors occurred. ---> System.Exception: Failed to sign, command invoked was: 'C:\OctopusTentacle\Applications\Test\Tridoo.Client\1.5.0-automate-deploym0024\tools\Squirrel\signtool.exe sign /a /f PersonalCodeSigningCertificate.pfx /p ******** /fd sha256 /tr http://timestamp.digicert.com /td sha256
If i run the exact call the signing works with no problem :-/
Any Idea what that could be?
I found the problem to be that the Octopus Tentacle was running under SYSTEM which would not let me use the signtool.exe
We have a private nuget repository. It was working well until last Friday. Now we get the following message:
Error: TrustFailure (The authentication or decryption has failed.)
The authentication or decryption has failed.
The authentication or decryption has failed.
Invalid certificate received from server. Error code: 0x5
What we tried to fix the problem:
updated nuget.exe
run the command mozroots --import --machine --sync