This was working. Nothing (explicitly) has changed in the build process. Suddenly, 4 EXEs no longer being signed by signtool.exe.
Command Line: signtool.exe sign /v /d "Company" /du http://www.company.com/ /fd SHA256 /tr http://timestamp.entrust.net/TSS/RFC3161sha2TS /td SHA256 /f C:\filepath\Cert.pfx /p [suppressed] C:\filefolder\some.exe
The following certificate was selected:
Issued to: Company
Issued by: DigiCert Trusted XXXXXXXXXX
Expires: Thu XXXX 2024
SHA1 hash: XXXXXXXXx
Done Adding Additional Store
Number of files successfully Signed: 0
Number of warnings: 0
Number of errors: 1
SignTool Error: SignedCode::Sign returned error: 0x800700C1
For more information, please see https://aka.ms/badexeformat
The assemblies in question is something we produce daily. These specific EXEs are targeting win64 netcoreapp3.1. This is what these have in common. A page with "know issues" does not have this error listed - https://learn.microsoft.com/en-us/windows/msix/package/signing-known-issues.
And BTW, it signs netcoreapp3.1 DLLs without an issue, during the same process.
I suspect, either something changed in the compiler, or sign tool. Although sign tool is not likely the cause. Wonder if there is a way to correct the output or at least find what causing it?