You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the following sample the SolarWinds certificate is valid to Friday, February 7, 2020 2:59:59 AM, however Windows accepts this as a valid signature, because there's a countersignature (Symantec SHA256 TimeStamping Signer - G3) that is valid and was signed on Monday, August 26, 2019 5:52:39 PM.
For some reason, Signify fails to verify the signature, saying that it expired, even though there's a valid countersignature:
VerificationError: Chain verification from CN=Solarwinds Worldwide\, LLC, O=Solarwinds Worldwide\, LLC, L=Austin, ST=Texas, C=US(serial:156211740539252461235167966181669418108) failed: The path could not be validated because the end-entity certificate expired 2020-02-06 23:59:59Z
I might be missing something, so please feel free to explain and close the issue if this is expected behavior. Thanks!
You are correct. The timestamp is present in the unauthenticated attributes with OID 1.3.6.1.4.1.311.3.3.1. This appears to be a RFC3161 response, which is included in Microsoft's own namespace. I'll look into this.
In the following sample the SolarWinds certificate is valid to
Friday, February 7, 2020 2:59:59 AM
, however Windows accepts this as a valid signature, because there's a countersignature (Symantec SHA256 TimeStamping Signer - G3
) that is valid and was signed onMonday, August 26, 2019 5:52:39 PM
.For some reason, Signify fails to verify the signature, saying that it expired, even though there's a valid countersignature:
VerificationError: Chain verification from CN=Solarwinds Worldwide\, LLC, O=Solarwinds Worldwide\, LLC, L=Austin, ST=Texas, C=US(serial:156211740539252461235167966181669418108) failed: The path could not be validated because the end-entity certificate expired 2020-02-06 23:59:59Z
I might be missing something, so please feel free to explain and close the issue if this is expected behavior. Thanks!
Sample:
SolarWinds MSP Patch Management Engine Setup.zip
The text was updated successfully, but these errors were encountered: