Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Configure Authenticode Timestamp

Owned by Josefin Klang (Deactivated)
Last updated: Jun 21, 2024 by Ylva AnderssonVersion comment
1 min read

The Nexus Timestamp Server (starting version 2.3.0) supports time stamping Microsoft Authenticode signatures. The distribution contains a sample Authenticode time stamp service, located in the <conf>/services/authenticodesample directory.

An Authenticode signature time stamping service is configured with the following steps:

  1. Add Authenticode Policies configuration. For more information, see Policies used in Nexus Timestamp Server.

  2. Add Authenticode Chain configuration. For more information, see Filter chains used in Nexus Timestamp Server.

  3. Add AcTimestampTokenFilter configuration in service.properties. For more information, see AcTimestampTokenFilter in Description of filters in Nexus Timestamp Server.

Example

Here is an example of triggering Authenticode signature time stamping request using PowerShell cmdlet Set-AuthenticodeSignature:

Set-AuthenticodeSignature -FilePath "<directory-of-the-to-be-signed-file>" -Certificate "<path_to_signer.p12>" -HashAlgorithm <SHA256> -TimeStampServer "http://<timestamp-server>:<port>/"

 

Additional information

 

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions