Thircase wrote: ↑29 Mar 2024, 22:36
A couple of weeks ago I noticed I was missing a certificate required to verify the Sectigo certs.
The missing certificate was: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
So, I grabbed this Mozilla CA certificate Bundle and added the missing certificate to the .pem file, and solved the issue.
Hi, THanks for the guide. Unfortunately this still did not work for me, Wondering if I am missing another cert perhaps? Appreciated the help.
",,,Timestamp Verified by:
Issuer : /C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Time Stamping CA
Serial : 394C25E17CA06D27A865E23BD91D22D4
CMS_verify error
8009AF5D0E7F0000:error:1700006B:CMS routines:cms_get_enveloped_type:content type not enveloped data:../crypto/cms/cms_env.c:41:
8009AF5D0E7F0000:error:17000064:CMS routines:cms_signerinfo_verify_cert:certificate verify error:../crypto/cms/cms_smime.c:289:Verify error: unable to get local issuer certificate
Timestamp Server Signature verification: failed
PKCS7_verify error
8009AF5D0E7F0000:error:10800075:PKCS7 routines:PKCS7_verify:certificate verify error:../crypto/pkcs7/pk7_smime.c:293:Verify error: unable to get issuer certificate
Signature verification: failed
Number of verified signatures: 1
Failed"