Page MenuHomeFeedback Tracker

DSSignFile fails to sign files - Error description: 8009000b
Assigned, WishlistPublic

Description

I have a PBO created with the Addon Builder however whenever I try to use DSSignFile to sign the .pbo file it produces the following error.

Processing FFE_Medi99.pbo (2 MB)...
Error description: 8009000b: Key not valid for use in specified state.Failed to sign FFE_Medi99.pbo
Failed to sign 1 file

I have created new keys with DSCreateKey and using DSTools and each key generates the same error condition {F27012}

Details

Legacy ID
1635548685
Severity
None
Resolution
Open
Reproducibility
Always
Category
Tools
Steps To Reproduce

Manual method

DSCreateKey testkey
DSSignFile testkey.biprivatekey FFE_Medi99.pbo

Using DSUtils

Open DSUtils
Click the N button to create a new key
Name the Authority testkey
Note the name of the folder in which it is created
Ensure the new key is selected by clicking the folder icon and selecting the folder containing the new key
Drag and drop the .pbo file into the list section of the window
Click Process Files, the following is displayed in the message window

Added: FFE_Medi99
Added: 1
Processing FFE_Medi99.pbo (2 MB)...
Failed to sign FFE_Medi99.pbo
Failed to sign 1 file
Error description: 8009000b: Key not valid for use in specified state.

Additional Information

I have also downloaded the DSCreateKey zip file from the BI website but keys created using this tool produce the same error

Event Timeline

Bohemia edited Steps To Reproduce. (Show Details)Sep 10 2015, 10:48 PM
Bohemia edited Additional Information. (Show Details)
Bohemia set Category to Tools.
Bohemia set Reproducibility to Always.
Bohemia set Severity to None.
Bohemia set Resolution to Open.
Bohemia set Legacy ID to 1635548685.May 8 2016, 12:41 PM
Bohemia added a subscriber: Bohemia.

I have retried the manual method in a Virtual Machine running Win7 64bit (same as my PC) with the same binaries, keys and pbo file. That time the operation was successful. For the VM I did not set a password. My PC is an Active Directory domain member and I login using domain credentials. The VM is not a domain member.

Hello,

I already have seen this error years ago (~ 2008). If I recall correctly, there are two potential causes:

  1. The most common is the usage of the public key to sign an addon but in our case, you can only select a private key.
  1. A bit more tricky, 8009000b matches a Windows error, related to the account management which could corrupt the private key. What you could test would be to activate the Administrator Account, log into this account, create your signature and try to sign a file from this account and yours, to determine if its about the signature or the private key.

To enable the local administrator account, open a CMD as administrator and type:
net user administrator /active:yes
To disable it, replace yes by no.

Unfortunately I can't go down the local administrator route on this PC, it is an Active Directory domain member and I authenticate using AD user credentials. As I mentioned in my comment above, I was able to successfully sign the pbo using the same key and binaries when I ran it from within a virtual machine, so it doesn't appear to be the key that's at fault.

can acknoledge the problem:

Try to sing a file with DSSignFile and my biprivatekey on my domain-account (witch is part of the local administrator group) -> "cpaquire context failed"
Try to sing a file with DSSignFile and my biprivatekey on my local-account (witch is part of the local administrator group) -> worked totaly fine

Would be greate to have a solution for that!