Closed GuildOfCalamity closed 3 months ago
CEF doesn't provide signed binaries. Application distributors (e.g. you, or whomever created the application that you're using) should sign all binaries that are being distributed as part of the application.
CEF doesn't provide signed binaries. Application distributors (e.g. you, or whomever created the application that you're using) should sign all binaries that are being distributed as part of the application.
I've tried that but the libcef assembly is not signable for some reason (probably because of the missing PF data). Internally we sign all DLLs and 90% of the 3rd party DLLs are signed to begin with.
I'm not seeing any issues signing libcef. Where are you getting the libcef DLL? Are you using CEF/C++ directly, or some wrapper project?
I'm not seeing any issues signing libcef. Where are you getting the libcef DLL? Are you using CEF/C++ directly, or some wrapper project?
It's possible we have an older version here, let me try fetching the latest binaries and try to sign them.
BTW, I'm using the standard ildasm
and ilasm
for the signing process.
[UPDATE] When I try the latest 64-bit Windows binary I still am unable to sign it. I used the Standard Distro
ILSpy reports that "PE file does not contain any managed metadata."
Here are the properties for the library:
ILSpy reports that "PE file does not contain any managed metadata."
That's correct. libcef.dll
is not a managed library. It's written in C++
. There is no managed metadata.
ILSpy reports that "PE file does not contain any managed metadata."
That's correct.
libcef.dll
is not a managed library. It's written inC++
. There is no managed metadata.
Understood. For a Windows user, what would be the correct way to sign the compiled binary since it is unmanaged?
@magreenblatt Thank you!
For those of us whose perform security audits (SSF, BlackDuck, etc), this DLL is always flagged because it is unsigned.
Can we get a signed version in the future?
Even ILSpy struggles with it: