Skip to content

Commit

Permalink
Use nuget for signing
Browse files Browse the repository at this point in the history
  • Loading branch information
@tomverin
tomverin authored Nov 7, 2023
1 parent 49d6e86 commit bdc43b4
Showing 1 changed file with 4 additions and 10 deletions.
14 changes: 4 additions & 10 deletions azure-pipelines.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,20 +149,14 @@ stages:
SM_CERT: $(SM_CERT)
SM_CERT_FP: $(SM_CERT_FP)
SM_HOST: $(SM_HOST)
BUILD_DIR: '$(Build.ArtifactStagingDirectory)\packages\'


inputs:
script: |
certutil.exe -csp "DigiCert Software Trust Manager KSP" -key -user
smksp_cert_sync
echo "with smctl:"
smctl sign --fingerprint 372ca3c0b69c28d6b46918512c6ea25db8052e62 --tool signtool --input $(Build.ArtifactStagingDirectory)/packages/
echo "with signtool:"
"%SIGNTOOL_PATH%" sign /v /csp "DigiCert Signing Manager KSP" /kc "$SM_KEYPAIR_ALIAS" /sha1 372ca3c0b69c28d6b46918512c6ea25db8052e62 /fd SHA256 "$(Build.ArtifactStagingDirectory)/packages/"
# signtool sign /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 /csp "DigiCert Signing Manager KSP" /kc "$SM_KEYPAIR_ALIAS" /f "$SM_CLIENT_CERT_FILE" /p "$SM_CLIENT_CERT_PASSWORD" $(Build.ArtifactStagingDirectory)\packages\*.nupkg
# "%SIGNTOOL_PATH%" sign /a /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 /f %SM_CLIENT_CERT_FILE% /p "%SM_CLIENT_CERT_PASSWORD%" $(Build.ArtifactStagingDirectory)\packages\*.nupkg
# script: '"%SIGNTOOL_PATH%" sign /sha1 6AE98FC3C4668889C48DF0823E11A4678BBCF53A /tr http://timestamp.digicert.com $(Build.ArtifactStagingDirectory)\packages\*.nupkg'

smctl windows certsync
nuget sign "%BUILD_DIR%\*.nupkg" -Overwrite -HashAlgorithm SHA256 -CertificateFingerprint %SM_CERT_FP% -Timestamper http://timestamp.digicert.com -TimestampHashAlgorithm SHA256
- task: PublishBuildArtifacts@1
displayName: 'Publish NuGet packages as build artifacts'
inputs:
Expand Down

0 comments on commit bdc43b4

Please sign in to comment.