How do I set the http proxy in a subshell launched from a windows service

Question

I am writing a windows service which takes an uploaded file, runs signtool.exe on it to do the signing and timestamping and then serves the signed file back.

The code for this works when run as a standalone server using twisted however if I try and run it as a service it fails with the error "Signing succeeded, but an error occurred while attempting to timestamp".

If I replace the signcode subprocess call with a curl.exe call which explicitly uses the proxy then this succeeds.

I have set the proxy in internet explorer and running the command manually works. Is there another way of setting an http proxy for signtool/signcode or another way of doing this (I am keen for it to be a service for ease of integration in to some other monitoring systems)?

Answer 1

Widows services are strange in that they run on a separate winlogon session with limited credentials. Can you let me know the following to try and help debug this...

1. What credentials are you running the service under (NetworkService?)
2. What is the output of either "proxycfg" or "netsh winhttp show proxy" (depending on your windows version.) These command line tools will tell you what proxy is set for shell programs.