[Resolved] Error signing a package

Questions about WAPT Packaging / Requests and help regarding Wapt packages.
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
sounds
Messages: 3
Registration: May 2, 2019 - 12:30 p.m.

May 2, 2019 - 12:37

Hi,

In order to manage the uninstallation of software not deployed by WAPT, I'm trying to create an empty package to accomplish this task.

The problem is that using the `build-upload` command (and the `build package` command as well) returns an error after prompting for the private key password.
The password is correct, but it contains special characters: hyphens and accented characters.

I've tried using the command prompt, PowerShell, and logging in as a local administrator on the machine... nothing works.

The error message is: FATAL ERROR: EWaptMissingPrivateKey: The key matching the certificate C:\private\xxx.crt cannot be found or decrypted.


I've tested via the console, using an .msi file, and the package is correctly signed and lands successfully in my repository.

Do you know if the problem could stem from the use of special characters?
Do you have a workaround?
Thanks :D
Last edited by sones on May 13, 2019 - 10:35, edited 1 time.
High
User avatar
dcardon
WAPT Expert
Messages: 1932
Registration: June 18, 2014 - 09:58
Location: Saint Sébastien sur Loire
Contact :
Contact dcardon

May 9, 2019 - 7:22 PM

Hello Sones,
sones wrote: May 2, 2019 - 12:37 PM To manage the uninstallation of software not deployed by WAPT, I'm trying to create an empty package to accomplish this task.

The problem is that using the build-upload command (and the build package command too...) returns an error after prompting for the private key password.
The password is correct, but it contains special characters: hyphens and accented characters.

I've tested it in cmd, in PowerShell, by logging in as a local administrator on the machine... nothing works.

The error message is: FATAL ERROR: EWaptMissingPrivateKey: The key matching the certificate C:\private\xxx.crt cannot be found or decrypted.


I tested via the console, using an .msi file; the package is correctly signed and lands successfully in my repository.

Do you know if the problem could stem from the use of special characters?
Do you have a workaround?
There might be a Unicode problem somewhere. What version of WAPT, OS, etc. (cf. viewtopic.php?f=9&t=886) ?
You can try changing the signature key password through the console (if there are no unicode problems, menu "tools/ change private key password").

Sincerely,

Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
High
sounds
Messages: 3
Registration: May 2, 2019 - 12:30 p.m.

May 13, 2019 - 09:52

Thanks for the feedback:

- WAPT version installed (1.7)
- Server OS (Linux Debian Stretch)
- Administration/package creation machine OS (Windows Server 2016)

I haven't had time to test the key change yet; I recently went from 50 machines in the inventory to over 400.

Does changing the key also mean re-signing all packages/distributing the .pem file to client machines?
High
User avatar
htouvet
WAPT Expert
Messages: 436
Registration: March 16, 2015 - 10:48
Contact :
Contact htouvet

May 13, 2019 - 09:59

Denis was talking about changing the "password" of the key, not the key itself. The key itself doesn't change, only its encrypted representation in the .pem file.
So there's no impact on the packet signature.
Tranquil IT
High
sounds
Messages: 3
Registration: May 2, 2019 - 12:30 p.m.

May 13, 2019 - 10:35

:oops: OK, changing the password solved my problem. :D

Thank you both.
High
Locked

Return to “WAPT Packages”


  • To go further with WAPT