Skip to main content
Druva Documentation

How to check the digital signature of the inSync Client package or processes

 

Overview

This article provides details on how to check the digital signatures of the inSync Client package and inSync processes.

Check the digital signatures of inSync Client package

Perform the following steps to check the digital signatures of the inSync Client package 

  1. Download the Microsoft Sigcheck tool from the link: https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck
  2. Unzip the downloaded Sigcheck tool and run the command mentioned below from the path where you have unzipped the tool.

C:\Program Files (x86)\Druva\inSync>sigcheck -a -r -i -m -h "C:\Download_new_logs\New folder\inSync6.6.1r99876.msi"

Sigcheck v2.73 - File version and signature viewer

Copyright (C) 2004-2019 Mark Russinovich

Sysinternals - www.sysinternals.com

c:\download_case_logs\new folder\inSync6.6.1r99876.msi:

        Verified:       Signed

        File date:      3:13 AM 4/28/2020

        Signing date:   10:44 PM 2/26/2020

        Catalog:        c:\download_case_logs\new folder\inSync6.6.1r99876.msi

        Signers: Druva Inc

                Cert Status:    Valid

                Valid Usage:    Code Signing

                Cert Issuer:    Sectigo RSA Code Signing CA

                Serial Number:  00 F8 BF 3C 55 64 59 D3 6E 84 24 21 77 BD 95 12 DB

                Thumbprint:     8D3B95C99D734301D09E44A218F79684AAEE7D34

                Algorithm:      sha256RSA

                Valid from:     5:30 AM 4/8/2019

                Valid to:       5:29 AM 4/4/2021

           Sectigo RSA Code Signing CA

                Cert Status:    Valid

                Valid Usage:    Code Signing, Timestamp Signing

                Cert Issuer:    USERTrust RSA Certification Authority

                Serial Number:  1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A

                Thumbprint:     94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66

                Algorithm:      sha384RSA

                Valid from:     5:30 AM 11/2/2018

                Valid to:       5:29 AM 1/1/2031

           Sectigo

                Cert Status:    Valid

                Valid Usage:    Timestamp Signing, EFS, IPSEC Tunnel, Server Auth, IPSEC User, Client Auth, Email Protection, Code Signing

                Cert Issuer:    USERTrust RSA Certification Authority

                Serial Number:  01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D

                Thumbprint:     2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E

                Algorithm:      sha384RSA

                Valid from:     5:30 AM 2/1/2010

                Valid to:       5:29 AM 1/19/2038

        Counter Signers:

           Sectigo RSA Time Stamping Signer #1

                Cert Status:    Valid

                Valid Usage:    Timestamp Signing

                Cert Issuer:    Sectigo RSA Time Stamping CA

                Serial Number:  3D 1A 35 72 30 15 82 63 30 D0 13 71 7E 82 41 08

                Thumbprint:     25C8AC734E4850B7F8D91391A81B924936659F61

                Algorithm:      sha384RSA

                Valid from:     5:30 AM 5/2/2019

                Valid to:       5:29 AM 8/2/2030

           Sectigo RSA Time Stamping CA

                Cert Status:    Valid

                Valid Usage:    Timestamp Signing

                Cert Issuer:    USERTrust RSA Certification Authority

                Serial Number:  30 0F 6F AC DD 66 98 74 7C A9 46 36 A7 78 2D B9

                Thumbprint:     02D65B95E28370C1570095FA88F923DD937FAD8F

                Algorithm:      sha384RSA

                Valid from:     5:30 AM 5/2/2019

                Valid to:       5:29 AM 1/19/2038

           Sectigo

                Cert Status:    Valid

                Valid Usage:    Timestamp Signing, EFS, IPSEC Tunnel, Server Auth, IPSEC User, Client Auth, Email Protection, Code Signing

                Cert Issuer:    USERTrust RSA Certification Authority

                Serial Number:  01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D

                Thumbprint:     2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E

                Algorithm:      sha384RSA

                Valid from:     5:30 AM 2/1/2010

                Valid to:       5:29 AM 1/19/2038

        Company:        n/a

        Description:    n/a

        Product:        n/a

        Prod version:   n/a

        File version:   n/a

        MachineType:    n/a

        Binary Version: n/a

        Original Name:  n/a

        Internal Name:  n/a

        Copyright:      n/a

        Comments:       n/a

        Entropy:        7.916

        MD5:    490B9C1FB8EE6D54A216A5DA4F31BA11

        SHA1:   6C36F4BD95CE9EA718CD5CAD6BFD4BE14FB5B7B3

        PESHA1: 6C36F4BD95CE9EA718CD5CAD6BFD4BE14FB5B7B3

        PE256:  80204FEBF7DBE31A7EDE6835C0DB8875C2D3154EF0BEAC65301C333C10727ECF

        SHA256: 80204FEBF7DBE31A7EDE6835C0DB8875C2D3154EF0BEAC65301C333C10727ECF

        IMP:    n/a

C:\Program Files (x86)\Druva\inSync>

 

Similarly, you can check the digital signature for any process by pointing the command to the location of the .exe file.

For example:

sigcheck -a -r -i -m -h "C:\Program Files (x86)\Druva\inSync\inSync.exe"