tommysitu
commented
4 years ago Do you think using this tool will do the job? https://docs.microsoft.com/en-us/windows/win32/seccrypto/signtool
Open joros11 opened 4 years ago
tommysitu
commented
4 years ago Do you think using this tool will do the job? https://docs.microsoft.com/en-us/windows/win32/seccrypto/signtool
joros11
commented
4 years ago Yes, signing the files with that tool will work fine.
I cant use hoverfly since the company uses a whitelist of exe-files. When I started the process of whitelisting it I noticed that the exe-files that is extracted from the jar and the hoverflyctl. is not signed and contains no details about the exe-files. This makes it impossible to whitelist hoverfly in a secure way.
I would like the exe files inside the jar to be signed by a certificate and the details populated, it can be self signed since anything is better than nothing.