Timestamp Servers

Suddenly (well, not suddenly – I haven’t checked in many weeks), I cannot get a response from any timestamp servers. verisign, globalsign, digicert – none of them seem to work, either from Visual Studio or from a batch file calling signtool.

They all say
SignTool Error: The specified timestamp server either could not be reached or returned an invalid response.

Is it only me?

1 Like

i have had valid responses from digicert as recently as a few minutes ago

Globalsign notified me that they will be shutting down their SHA-1 timestamping service on January 26, 2021. That does not seem to explain your problem, but it’s another related “joy” to look forward to in the very near future.

My guess is an internet issue.

I think the issue is that Verisign has shut down their timestamp service, and I fooled myself into thinking the others weren’t responding, either. The MSBuild files in the 8.1 WDK have Verisign hardcoded, but I can override it.

I abandoned the builtin signing a long time ago for this reason. Even when
it was up, the owners of the verisign server took it down whenever they
felt like it and builds would fail.
Mark Roddy

1 Like

Interesting. In 15 years of signing, that has never happened to me, until this month.

Yes the very obsolete DNS names have recently been retired. I had one project that still referenced them and I want to say that it started to fail in mid-December but I’m not sure exactly when.

I have never used the built-in signing as I always found it unreliable. Of course when VS started to support it, I already had scripts to call signtool on the command line, so after a brief test that did not work, I did not put any more effort into it so my assessment is probably not a fair one

Still today neither verisign nor Globalsign are working. what the hell happen to them.

Verisign and GlobalSign announced they were terminating their timestamp servers. The suggested replacement is digicert.com, and that’s working for me.

Yes, DigiCert works for me too.
I was able to integrate it into Visual Studio Build by making Timestamp Server as “None” and adding → \t “http://timestamp.digicert.com
to Additional Command Line Params in the Driver Signing dropdown.