Stripping an Authenticode Signature
September 12th, 2008 | by Jeff Fitzsimons |We needed to modify the resources of an installer and then apply an Authenticode signature. Unfortunately, it already had a signature on it, and modifying the resources of an executable with a signature results in a corrupted signature. The Microsoft signing tools cannot recover from this situation, so:
It is not possible to re-sign a file after modifying its resources.
However, it is possible to remove the existing signature, modify the binary, and then apply a new signature. There are two approaches (which almost certainly amount to the same thing):
-
Use delcert.exe from the this XDA Forum post (note, this is not the same as the SMS Server 2003 tool ccmdelcert.exe, which deletes all SMS certificates on a machine).
Write an application which calls ImageRemoveCertificate.