locked
SignTool Error: SignerSign() failed. (-2146893792/0x80090020) RRS feed

  • Question

  • Hi Experts,

    After I make sys file, then I want to digital sign it.

    The  command that I ran is:
    "C:\Program Files (x86)\Windows Kits\10\bin\x64\signtool.exe" sign  /ac "Certum Trusted Network CA.crt" /sha1 afdd9e4c718b41fb7981ee32c55837035bdb9abe /tr http://time.certum.pl /fd sha256 /s my  /v C:\Users\piaoying\Desktop\digitalsign\Driver\dmfs.sys

    I ran this command use the administrator account (Windows 10 family edition), the following error however came out:
    Done Adding Additional Store
    SignTool Error: An unexpected internal error has occurred.
    Error information: "Error: SignerSign() failed." (-2146893792/0x80090020)

    My cert is the Ev code sign certificate with SimplySign from Certum.

    I tried to sign the file under other PC(windows 2008 R2), the error code did not change (-2146893792/0x80090020);


    I checked the error code. It means the internal error .

    Now I does not know what is the problem. The OS , the certificate or the dmfs.sys file. 

    Could you please tell me what the problem it is and how to resolve it?

    Thanks a lot.

    xiaopei
    Wednesday, December 19, 2018 3:05 PM

All replies

  • Hi,

    Thank you for posting in our forum.

    According to the error, Error information: "Error: SignerSign() failed." (-2146893792/0x80090020) which is An internal error occurred.

    1, This issue may occur if you chose "RSA#Microsoft Software Key Storage Provider (MSKSP)" in "Configure Cryptography for CA". Please try to select the option "Use strong private key protection features provided by the CSP…" in the same window to install CA again. Could you install it now? If not, please check the following Registry key: Key: HKLM\SOFTWARE\Microsoft\Cryptography Value: ForceKeyProtection Is it set to 1? You may change it to 0 and test. 

    Also, we could try to following the methods to have a try:

    There's a setting in the IIS Application Pool configuration (Application Pools > Advanced Settings) to load the user profile for the application pool identity user. When set to false, the key containers aren't accessible. So just set Load User Profile option as True

    SignTool Error: An unexpected internal error has occurred. Error information: "Error: Store::ImportCertObject() failed." (-2146893792/0x80090020)

    https://windows-hexerror.linestarve.com/q/so6744384-SignTool-unexepected-internal-error

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    COM Error Codes (Security and Setup)

    https://docs.microsoft.com/zh-cn/windows/desktop/com/com-error-codes-4

    How to sign an app package using SignTool

    https://docs.microsoft.com/zh-cn/windows/desktop/appxpkg/how-to-sign-a-package-using-signtool

    Hope my information could help you. If you have anything unclear, please feel free to let me know.

    Best regards

    Julie


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Thursday, December 20, 2018 6:57 AM
  • Hi,

     

    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance. If you feel my information is helpful, please "mark it as answer" which helps to other community users find the answer quickly and efficiently when they face the same issue. 

    Best regards

    Julie 


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, December 24, 2018 2:00 AM
  • Hi,

     

    Was your issue resolved?

     

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

     

    Best Regards,

    Julie 


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, December 26, 2018 3:16 AM