This tiny project prevents the signtool from verifing cert time validity and let you sign your bin with outdated cert without changing system time manually
it install hook into crypt32!CertVerifyTimeValidity and make it always return 0.
and make kernel32!GetLocalTime return what you want as you can add "-fuckyear 2011" to signtool's commandline to sign a cert from year 2011.
Visual Studio 2015 / 2017, you know how to build.
Use LordPE to add an import entry FuckCertVerifyTimeValidity.dll!test for signtool/DSignTool/CSignTool.
https://github.com/Microsoft/Detours is used to hook system apis