I'm running Windows 7 and when I try to run a batch file, it says, "The publisher could not be verified. Are you sure you want to run this software?"
So when I try to sign it with my code signing certificate, it says "SignTool Error: This file format cannot be signed because it is not recognized."
So I'm stuck between a rock an a hard place. Is there a way to eliminate either message?
What you are seeing is a general prompt that Windows provides whenever you try to open any time of file that has been downloaded. What happens is that when you download a file, it is tagged with a flag that indicates that it came from the Internet and is thus potentially dangerous. When you try to run such a file, Windows checks to see if it has a valid signature in order to determine if it can be trusted.
What you can do is to strip the flag from the file by using the Unblock button in the file’s properties, after which, Windows will leave you alone whenever you try to run it:
The problem is that batch-files are text-files that can be executed. While it is possible to sign a text-file, it will end up appending a bunch of binary data to the file which for a batch-file is bad because it is gibberish and will cause problems when the command-interpreter tries to execute it. Commenting out the signature will not work either because then the signature becomes corrupt.
Therefore, signing a batch file is not going to work.
What you need to do is to figure out why the system is prompting you when trying to run it. By default, Windows does not ask before running batch-files, so you must have a either a special policy or security program blocking it. Check your security program(s) to see if there is a verification setting that you can disable or add an exclusion for.
Also check the batch-file’s contents to see if it is running an executable that is not signed (though again, by default, Windows does not prompt for executables unless it was downloaded or requires elevated privileges, so check your settings).
http://superuser.com/questions/470463/how-to-sign-a-windows-batch-bat-file