10 Replies Latest reply on Sep 2, 2013 2:32 AM by Yuanyuan Liu

    Extension signature time stamping not working as expected

    MSSDedalus Level 1

      Due to an issue with my previous certification provider my extensions where invalid after the certificate expired, now I have changed the provider and want to make sure that they won't be invalid again when the certificate expires.

       

      Therefore I'm checking that the timestamping option of the Signing tool kit ( -tsa) works fine, therefore after packaging and signing my extensions I have changed my computer date to 2017 and tested, the currently certificated and time stamped extension fails to be installed with this date, if I use GeoTrust it works fine.

      I have checked the signature file and both seem to include the needed timestamping details.

       

      I have contacted my current certification provider support and they answered that it seems that Extension Manager is enforcing to expect that the Time Stamping Authority certificate remain valid indefinitely which is not how they understand Time Stamping should work.

       

      I thought that using timestamp was the method to ensure that extensions could be installed at any time independently of the validity of the certificate in the future.

       

      Please can someone check that Extension Manager installs the time stamped extensions correctly in the future ? Or do I need to use any special timestamping server?

       

      Thanks in advance.