- May 14, 2008
I got a response from Comodo (who issued the code signing certificate). But it wasn't particularly helpful - they said the problem is most likely due to a bad internet connection, and the WinVerifyTrust API (the Windows API that's returning the CERT_E_EXPIRED error) couldn't be returning CERT_E_EXPIRED, but actually is returning CERT_E_REVOCATION_FAILURE (unable to verify the signature) error. I responded that it was unlikely given that (1) several thousand users suddenly had a bad internet connection, and it would work if they set their system clock back, and (2) the error returned by WinVerifyTrust was absolutely, positively CERT_E_EXPIRED. No further response, but they did obliquely hint that Microsoft might have added the certificate to the CRL (certificate revocation list).