アプリ更新の機会があったので久しぶりにビルドしなおしたところ
SignTool Error: Multiple certificates were found that meet all the given
criteria. Use the /a option to allow SignTool to choose the best
certificate automatically or use the /sha1 option with the hash of the
desired certificate.
The following certificates meet all given criteria:
Issued to: xxxxx.co.jp
Issued by: COMODO RSA Extended Validation Code Signing CA
Expires: Sun Jan 29 08:59:59 2023
SHA1 hash: D8AB4636FBD474256D928B90B421107E3EDCE1DC
Issued to: WDKTestCert xxxxx,132823738331490962
Issued by: WDKTestCert xxxxx,132823738331490962
Expires: Wed Nov 26 09:00:00 2031
SHA1 hash: CBE1951F71011058E84725B9809205FA22817D77
証明書はCOMODOから取得したもの。
デバイスドライバに署名したときの証明書と判別できないらしい。
アナウンスに従って/a付きで試すも
Signtool Error: The provided cross certificate would not be present in the certificate chain.
んー
数分悩んだあと、直接SHA1ハッシュを指定すればいけるかもという事に気づく。
signtool sign .... /sha1 D8AB4636FBD474256D928B90B421107E3EDCE1DC
Done Adding Additional Store
Successfully signed: xxxxx.exe
ちょっと泥臭いけど解決!