Open fvet opened 1 year ago
No steps have been taken - and since it seems that MS will need to do some changes before we can, we'll have to closely monitor which way anything will go in this matter.
If you have any new info, please share ;-).
Meanwhile, we'll monitor the changes on BCCH
No steps have been taken - and since it seems that MS will need to do some changes before we can, we'll have to closely monitor which way anything will go in this matter.
If you have any new info, please share ;-).
Meanwhile, we'll monitor the changes on BCCH
Do we have any update on this one? Either for using hardware module, or maybe some cloud HSM.
We're looking into the matter and considering our options.
Hi, we are also facing this issue. Our code signing certificate is expiring and only HW dongle or Azure Key Vault is an option. How can this be handled by ALOps? Thanks
You won't believe it - but we requested a HW dongle about 6 months ago - and still haven't received it with the explanation: "there are 2 suppliers that can help us with certificates, and both are having massive issues with their orders.. ". Frustrating. But .. there is no way for us now to work on this as long as we haven't received our dongle.
So I'm reaching out to the community - if anyone has a script that can get things going for anyone who is getting stuck - by all means, please share! 🙏
For the time being, we are using example from AL-Go, with certificate in azure key vault. https://github.com/microsoft/AL-Go/blob/main/Actions/Sign/README.md
Hopefully that will get integrated directly in AlOps.
We're still waiting for our HSM certificate .. no idea why it takes so long.
Just to say: Digicert did provide us a certificate on Azure Keyvault, which we were able to export to Pfx, which works for 3 years, and is just as stable as before. We will try to document this procedure as good as we can on our docs.
Wanted to follow up if below thread has any impact on the current way ALOps is signing the app files and if we could expect any update from ALOps in case our certificate might expire and requires us to switch using a HW crypto module instead?
https://www.yammer.com/dynamicsnavdev/#/threads/show?threadId=2128989394354176