Error Message/Details	Workaround
Message: Error running signtool.exe: 2
When attempting to publish a Client from the Client Admin, the following message may display:	This cab be caused by using the old Upgrade Tool. If this occurs on a server that was upgraded to V3.5.1, confirm the version of the Upgrade Tool is correct. This is the response received when reaching out to a website to sign the Client. If an error in the response is encountered, an error occurs. For example, from Fiddler, error handling request, status=0x9300 displays: This can be caused by a problem website itself, but it can also be caused if the Client Admin points to the wrong addresses. In versions 3.5 and lower, the Client is signed with an older, depreciated SSL cipher. This causes the Client install to fail, due to a specific Microsoft patch. In 3.5.1 (and patches of older versions), the Client is signed with a SHA256 cipher. This means that the websites used to sign the Client in V3.0 and lower do NOT work for V3.5.1. You must ensure the TimestampURL in the C:\Program Files (x86)\Nuance\ClientAdmin\ClientAdmin.exe.config file in configured properly. An example of a working config for V3.5.1: <add key="TimeStampURL" value="http://sha256timestamp.ws.symantec.com/sha256/timestamp, http://tsa.starfieldtech.com, http://timestamp.comodoca.com/authenticode, http://timestamp.globalsign.com/scripts/timstamp.dll" /> An example of a NON working config for 3.5.1: <add key="TimeStampURL" value="http://timestamp.verisign.com/scripts/timstamp.dll, http://timestamp.globalsign.com/scripts/timstamp.dll, http://timestamp.comodoca.com/authenticode, http://www.trustcenter.de/codesigning/timestamp, http://tsa.starfieldtech.com,http://card.aloaha.com:8081/tsa.aspx" />

Error Message/Details

Workaround

Message:

When attempting to publish a Client from the Client Admin, the following message may display:

This cab be caused by using the old Upgrade Tool.

If this occurs on a server that was upgraded to V3.5.1, confirm the version of the Upgrade Tool is correct.

This is the response received when reaching out to a website to sign the Client. If an error in the response is encountered, an error occurs.

For example, from Fiddler, error handling request, status=0x9300 displays:

This can be caused by a problem website itself, but it can also be caused if the Client Admin points to the wrong addresses.

In versions 3.5 and lower, the Client is signed with an older, depreciated SSL cipher. This causes the Client install to fail, due to a specific Microsoft patch. In 3.5.1 (and patches of older versions), the Client is signed with a SHA256 cipher.

This means that the websites used to sign the Client in V3.0 and lower do NOT work for V3.5.1. You must ensure the TimestampURL in the C:\Program Files (x86)\Nuance\ClientAdmin\ClientAdmin.exe.config file in configured properly.

An example of a working config for V3.5.1:

<add key="TimeStampURL" value="http://sha256timestamp.ws.symantec.com/sha256/timestamp, http://tsa.starfieldtech.com, http://timestamp.comodoca.com/authenticode, http://timestamp.globalsign.com/scripts/timstamp.dll" />

An example of a NON working config for 3.5.1:

<add key="TimeStampURL" value="http://timestamp.verisign.com/scripts/timstamp.dll, http://timestamp.globalsign.com/scripts/timstamp.dll, http://timestamp.comodoca.com/authenticode, http://www.trustcenter.de/codesigning/timestamp, http://tsa.starfieldtech.com,http://card.aloaha.com:8081/tsa.aspx" />

- Return to list -