italiks
commented
2 years ago hi @Nillissen Have you found the way to sign .hlkx package?
Open Nillissen opened 2 years ago
italiks
commented
2 years ago hi @Nillissen Have you found the way to sign .hlkx package?
monrapps
commented
2 years ago Trying to sign .HLKX files too
monrapps
commented
2 years ago Managed to sign the HLKX using the https://github.com/vcsjones/OpenOpcSignTool thanks @vcsjones.
dotnet tool install -g OpenVsixSignTool
OpenVsixSignTool sign -fd sha384 -kvu https://example.vault.azure.net -kvi FFFFFFFF-FFFF-FFFFF-FFFF-FFFFFFFFFFFF -kvs exampleSecret -kvc CodeSignExampleCertificate "package.hlkx"
monrapps
commented
2 years ago Well it wont work for submission... the hlkx needs the certificate .cer to be embedded.. and there is some missing entries on the content XML.. working on it
Nillissen
commented
2 years ago Sorry for not updating sooner. I also managed to "sign" the file but like @monrapps is discovering it doesn't include all the requirements for a HLK submission.
monrapps
commented
2 years ago https://github.com/monrapps/OpenOpcSignTool
So, what do we have here: It´s a hard ported OpenOpcSignTool from @vcsjones with hardcoded nonsense that ONLY WORKS for HLKX signing... this code is very rough and should not be considered as a reference for the correct implementation.
We need help with signing Windows HLK submission packages. The HLK process will create an .hlkx package file that I can sign using signtool. But AzureSignTool is returning this error: "The file cannot be signed because it is not a recoginized file type for signing or it is corrupt."