I'm maintaining a plugin for Creative Suite, and trying to build installers for both Mac and Windows. I'm able to use `ZXPSignCmdMac -sign ... ` and get output "Signed successfully". The resulting .zxp files appear valid, in that I am able to build mac installers based on them that install properly and work as advertised.
However, my attempts to sign and build windows installers are failing with "Zxp signature verification failed: 50". In attempting to troubleshoot this, I tried running "ZXPSignCmdMac -verify" on the same files generated above that appeared to "Sign successfully", and I get: "
"Error - Failed to verify signature. Signature might have been tampered with."
I'm confused as to why signing could appear successful, when something is definitely amiss.
NOTE: I've tried ZXPSignCmd-64bit, too, with similar results.
$ bin/ZXPSignCmd-64bit -sign dist/g "foo.zxp" certs/5310dab17e8e15-SHA2.p12 `cat certs/5310dab17e8e15-SHA2.pass` -tsa http://timestamp.digicert.com Signed successfully
$ bin/ZXPSignCmd-64bit -verify foo.zxp Error - Failed to verify signature. Signature might have been tampered with.
Also, can anyone point me to the error codes returned when using the -verify flag? We've seen values of 50, 52, and some customers are seeing a value of -1073741515. Are these error codes documented anywhere?
Were you able to find an answer for your question? I am running into the exact same issue