Closed lbocquet closed 6 months ago
Btw, instead of calling signtool.exe
directly best would be to wrap code-signing step in a .bat file which accepts binary filename and calls signtool.exe
with proper parameters incl. certificate SHA-1 thumbprint, etc.
Furthermore since 2023 code-signing certificates require private key to be stored on a smart card device (like Yubikey) which require PIN on first usage so cannot be used unattendedly by signtool.exe
(i.e. pops a dialog) but will need other utilities (like osslsigncode.exe
) to pass PIN with no UI during build.
A certificate released after 2023 require a dongle, we just renewed before that date. Till 9/25 we still can sign the old way Moving the sign part in a bat isn't a bat suggestion, it would make it simpler to change when needed.
Harmonization of signtool More "$(OutDir)$(TargetName)$(TargetExt)" VS_VERSION_INFO improvements uvnc_settings2 -> uvnc_settings