search

SSLcom / esigner-codesign

GitHub Action for CodeSigner by SSL.com
9 stars 2 forks source link

batch_sign: Error: hash needs to be scanned first before submitting for signing #10

Closed dmitry-kosar closed 8 months ago

dmitry-kosar commented 9 months ago

I'm getting the following error when signing .exe files using batch_sign Error: hash needs to be scanned first before submitting for signing: <hash_value>. There are no mentions of such an error in the documentation.

What does this error mean? Do I need to do some extra steps to prepare file before calling batch_sign? Or there can be an issue with the file itself?

- name: Sign files with with CodeSignTool
  uses: sslcom/esigner-codesign@develop
  with:
    command: batch_sign
    username: <username>
    password: <password>
    credential_id: <cred_id_guid>
    totp_secret: <totp_secret>
    dir_path: files-to-sign
    output_path: output
    malware_block: false
    environment_name: PROD
bayrakmustafa commented 8 months ago

@dmitry-kosar At https://www.ssl.com/guide/how-to-use-pre-signing-malware-scan-with-ssl-com-esigner/ there is how to disable malware scan for the certificate you are using. If you want to use the malware scan service in the batch_sign process, you must set the malware_block parameter to true. I worked on this in the develop branch.