[Mono-list] Authenticode on Windows with Mono.Security.dll from 2.6.7

Cameron Taggart cameron.taggart at gmail.com
Mon Jul 26 23:17:07 EDT 2010

I would like to check if an Authenticode signature on an assembly is
valid. It looks like the code should be pretty simple, just create a
new AuthenticodeDeformatter instance and call IsTrusted(). The problem
is that it is always returning false. I believe the chktrust utility
uses the same code and suffers from the same problem:

set PATH=C:\Program Files\Mono-2.6.7\bin;%PATH%
C:\tmp>chktrust -v
Mono CheckTrust - version
Verify if an PE executable has a valid Authenticode(tm) signature
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell.
BSD licensed.

Verifying file Microsoft.SqlServer.SqlEnum.dll for Authenticode(tm)

INFO! Microsoft.SqlServer.SqlEnum.dll was timestamped on 7/10/2008 2:06:25 AM
ERROR! Microsoft.SqlServer.SqlEnum.dll signature can't be traced back
to a trusted root!

I did find this FAQ, but need more help.
What does "signature can't be traced back to a trusted root!" means ?

On Windows and running on .NET CLR, is there any way to have
Mono.Security.dll use the certificates that are stored in Windows?
They are viewable via start > run... > certmgr.msc?

Using certmgr, is there a way to list all the certificates currently
installed? I get an exception when I try this:

C:\tmp>certmgr -list -c -m
Mono Certificate Manager - version
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell.
BSD licensed.

Unhandled Exception: System.IndexOutOfRangeException: Array index is
out of range.
  at Mono.Tools.CertificateManager.Main (System.String[] args)
[0x00000] in <filename unknown>:0


More information about the Mono-list mailing list