Configure Authenticode Timestamp
The Nexus Timestamp Server (starting version 2.3.0) supports time stamping Microsoft Authenticode signatures. The distribution contains a sample Authenticode time stamp service, located in the <conf>/services/authenticodesample directory.
An Authenticode signature time stamping service is configured with the following steps:
Add Authenticode Policies configuration. For more information, see Policies used in Nexus Timestamp Server.
Add Authenticode Chain configuration. For more information, see Filter chains used in Nexus Timestamp Server.
Add AcTimestampTokenFilter configuration in service.properties. For more information, see AcTimestampTokenFilter in Description of filters in Nexus Timestamp Server.
Example
Here is an example of triggering Authenticode signature time stamping request using PowerShell cmdlet Set-AuthenticodeSignature:
Set-AuthenticodeSignature -FilePath "<directory-of-the-to-be-signed-file>" -Certificate "<path_to_signer.p12>" -HashAlgorithm <SHA256> -TimeStampServer "http://<timestamp-server>:<port>/"