Files that are catalog-signed might not retain their digital signature. The digital signature might not be retained if the operating system version of the original client is different from the operating system version of the target client. The following scenario is provided for reference:
- Open Windows Explorer and navigate to C:\Windows\.
- Right-click Regedit.exe.
- Left-click Properties and look for the Digital Signatures tab. The tab isn't present.
- Go to Start, Run, and type in Sigcheck.exe -i C:\Windows\regedit.exe. The Sigcheck process runs and returns a result of Verified: Signed from regedit.exe. It also details the catalog that the file is referenced in.
If the same file (
regedit.exe) is moved from the original client to another client missing the catalog, the same
Sigcheck.exe -i C:\temp\regedit.exe command returns a
Verified: Unsigned result.
