[Mono-dev] [mozroots]: Microsoft Office files can't be traced to a trusted root
Robert Jordan
robertj at gmx.net
Mon Aug 29 07:42:55 EDT 2011
On 29.08.2011 07:57, jaysonp wrote:
> Hi All,
>
> In relation to a previous post of mine with subject "[mono][chktrust]:
> signature can't be traced back to a trusted root!", I would just like to
> check if someone knows why the digital signatures of Microsoft Office files
> (i.e winword.exe, excel.exe, powerpnt.exe) can't be traced to a trusted root
>
> I've already imported certs using mozroots (mozroots --import --sync
> --machine)
> Also, with the help of a powershell script given to me (Thanks to
> Robert), I've already imported root and trusted CAs of my machine to mono
> trust store. But still, after doing both, digital signatures can't still be
> traced to a trusted root.
The PowerShell script is ignoring certificates that did
not pass verification. Maybe these Office executables were
signed with a cert that has expired in the meantime.
Try to reimport w/out this line:
$certs = $certs | Where-Object { $_.Verify() }
Robert
More information about the Mono-devel-list
mailing list