We are looking into it.

It might be related to this change,
http://social.technet.microsoft.com/...estamping.aspx

Where some SHA-1 code signing certificates are no longer being accepted after 1 Jan 2016

I found out the error only happens after you install the Windows 10 updates from 1-12-16 (last Tuesday). At least on the 64 bit version. My guess is it is the KB3124263 update, which is a Cumulative Update for Windows 10 Version 1511 for x64-based Systems. But I could be wrong. Thanks for looking into it.

Do you have the Window's Insider option turned on? And are thus getting pre-releases of the Windows patches?

We tested it on a up to date Win10 machine this morning (without Window's Insider), but didn't see any problem. So it must only effect some subset of Win10 machines.

We are also changing the code signing procedure in any case to append SHA-256 hashes to the existing signatures. But the Microsoft procedure is ridiculously complex. We are starting to suspect that it is no longer possible to use Win7 as a development platform for apps that need to run on Win10. As the newer signing tool doesn't seem to work on Win7 anymore. So much for backwards compatibility.

Update:
On a other Win10 test machine we did see this warning message from the Windows "SmartScreen" service.

"Windows protected your PC
Windows SmartScreen prevented an unrecognised app from starting. Running this app might put your PC at risk. More info"

Clicking on More info gives the user to run the software anyway, but it is a bit of a scary message. Especially for a novice user.

Example smart screen warning message in Windows 10:



Note that if you click on "More info" you then have the option to install the software.

No, I do not have Windows Insider option turned on. I am running Windows 10 Pro 64bit. It is an upgrade from Windows 8.1 Pro 64bit, not a clean install.

I didn't get the signing error on my laptop till after I installed the latest updates.

Yeah, Microsoft does seem to be pushing that Windows 10 only thing.

Thanks for looking into it.

Just wanted to know if anyone who is reading this is also getting the “ The signature of bitpro.exe is corrupt or invalid” error when downloading. Passmark is working on the problem, but if I am the only one getting the error then maybe it is something on my end.

This is with Windows 10 Pro 64bit and all the MS updates/patches.

Thanks.....

Passmark has fixed the problem with the signature being corrupt or invalid. Thanks for fixing the problem.

We finally got to the bottom of the issue (we believe).

The problem was not to do with the SHA-1 hashing as we initially suspected, but the hashing might come back to bite us later in the year. We could switch hashing algorithms now, but we are suspecting it might then break on earlier releases of Windows. Anyway that isn't the problem for the moment.

The signature was never corrupt or even invalid. Microsoft changed their requirements in Win10 for the way software installers are signed & their communication to developers has been pretty much non existent. Basically its been a total surprise.

It seems (to us) that over time Microsoft are trying to push all developers to use the Microsoft Store, with the aim to taking a cut from every sale. So they are making it harder to developers to provide direct downloads of software.

There seems to be a couple of different Win10 behaviours, either the corrupt message or the SmartScreen warning. Maybe the home & enterprise versions of Windows or different, or maybe it is a Windows setting. We think they are the same problem however.

Anyway after some trial and error it seems that a EV code signing certificate is now required for .exe files that are installers on Win10. Other .exe files, like the main program file, don't need EV code signing.
EV = Extended Validation.

To make this work, you need money ($400 - $800 per year), a hardware dongle, a whole bunch of passwords and some special code signing software.

This also seems to completely break the automation of the software build process, as best we can tell the whole process needs to be done manually by the single dude who has the hardware dongle. So no scripting or make files.

This is going to really hurt open source and small developers that can't justify the cost of the EV certificate.

Luckily we already had a CV certificate sitting around from another project. So it looks like we are back in business for the moment, at least until the dongle fails.

A new install package for BurnInTest has been uploaded to our web site.

You still need to update the signature on the newest version of Monitor Test. It still gets the error when you download it. Thanks...

An updated MonitorTest package has now been released.