SignerSign() failed. (-2146869243/0x80096005)

Same here. The issue was the demise of the comodoca.com timestamp server.

I switched to using DigiCert:

"C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64\signtool.exe" sign /tr http://timestamp.digicert.com ...

UPDATE 2 (perplexed nailed it) comodoca.com actually still works fine, you just need to add a /td sha256 switch to your signtool.exe command, like this:

"C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64\signtool.exe" sign /tr http://timestamp.comodoca.com /td sha256 ...

It seems DigiCert is throttling the number of timestamps they give out anyway, so I had to switch back. BTW note that you can still use any digital cert from any cert authority, it doesn't have to be from DigiCert to use their timestamp server.


"C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64\signtool.exe" sign /tr http://timestamp.sectigo.com/?td=sha256 /td sha256 ....

the /?td=sha256 actually working, but recommend using their new domain name http://timestamp.sectigo.com and need add extra parameter /td sha256