none
An error occurred while signing: Failed to sign bin\Debug\app.publish\\program.exe. SignTool Error: Invalid option: /fd

    Question

  • I am trying to sign a Windows Forms application that uses ClickOnce with a certificate using SHA256. This gives the following error:

    An error occurred while signing: Failed to sign bin\Debug\app.publish\\setup.exe. SignTool Error: Invalid option: /fd

    I have located people having similar issues, but there is surprisingly little information on this issue online.

    https://stackoverflow.com/questions/37205270/error-attempting-to-sign-assembly-with-sha256-in-visual-studio

    https://stackoverflow.com/questions/44506082/which-version-of-signtool-is-visual-studio-2017-using


    The error disappears if I use SHA1 or no signing, but this is unfortunately not an option. I have verified that ClickOnce Publishing Tools is selected in the VS2017 installer. If I write 'where signtool' into the VS2017 command line, I get locations:

    C:\Program Files (x86)\Windows Kits\10\bin\x86\signtool.exe

    C:\Program Files (x86)\Windows Kits\10\bin\10.0.16299.0\x86\signtool.exe

    Any help is greatly appreciated!

    Monday, December 4, 2017 11:19 AM

All replies

  • Hi cbwestl,

    >>SignTool Error: Invalid option: /fd

    The error says /fd is invalid. I checked this document in MSDN about SignTool.exe (Sign Tool), that says:

    Sign command option Description
    /fd                        Specifies the file digest algorithm to use for creating file signatures. The default is SHA1.

    So this is why you can use SHA1 instead of SHA256.

    Regards,

    Stanly


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.


    Tuesday, December 5, 2017 7:21 AM
    Moderator
  • Thank you for the input. Indeed, /fd selects file digest algorithm.

    But still, why is my signtool lacking /fd option? I have an up-to-date version of Visual Studio 2017 and even tried repairing the installation.

    Tuesday, December 5, 2017 10:03 AM
  • Hi chwestl,

    Not sure why, maybe you can refer to the following documents for signing application:

    How to: Sign Application and Deployment Manifests

    How to sign an app package using SignTool

    Regards,

    Stanly


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Wednesday, December 6, 2017 6:48 AM
    Moderator
  • I found the problem. I had an old Visual Studio 2008 installation on the same computer. Somehow VS2017 was referencing an old version of Signtool. Removing Visual Studio 2008 and all it's components solved the issue.

    Thursday, December 7, 2017 7:34 AM
  • Hi cbwestl,

    Congratulations!

    Hope you can close this thread by marking the helpful reply as answer as this will help others looking for the same or similar issues down the road.

    Thanks for your understanding.

    Regards,

    Stanly


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Thursday, December 7, 2017 7:37 AM
    Moderator
  • Unfortunately this may solve the problem for those that do not need Visual Studio 2008. I however I do and cannot fathom why VS2017 would reference an old version of Signtool. I guess the same reason I cannot fathom why I have to reinstall Power Tools almost every time I do a Windows 10 update.  Glad it worked for you though :)
    Friday, February 9, 2018 7:46 PM
  • Good afternoon

    I have the same issue, and cannot uninstall vs2008... anyone has found the way to get VS2017 reference the correct version of signtool??

    Any help would be *very* appreciate

    Regards

    Friday, June 8, 2018 1:37 PM