如何对ClickOnce应用程序进行EV代码签名?

huangapple go评论108阅读模式
英文:

How to EV code-sign ClickOnce applications?

问题

如何处理这个问题?

我们之前是通过 SSL.com 使用 EVCS + 硬件令牌(Yubikey)来签署我们的代码,但最近遇到了很多问题。现在似乎不再支持这种方法:https://www.ssl.com/blogs/new-minimum-rsa-key-size-for-code-signing-certificates/

作为一个临时解决方案,我们正在使用他们的 eSigner 解决方案,但发现它非常昂贵,不透明,并且存在可疑的计费方式。

目前签署 ClickOnce 部署使用 Visual Studio 的最佳实践是什么?其他人是如何签署他们的应用程序的?是否有更好的替代方案?

英文:

How is everyone else doing this?

We were previously signing our code using EVCS + hardware token (Yubikey) via SSL.com but have recently had alot of issues. It now appears as though this is no longer supported: https://www.ssl.com/blogs/new-minimum-rsa-key-size-for-code-signing-certificates/

As an interim solution we are using their eSigner solution but have found it very expensive, not transparent and with dubious billing practices.

What is the current best practice for signing ClickOnce deployment using Visual Studio? How is everyone else signing their applications? Is there a better alternative?

答案1

得分: 1

在我遇到的问题中,现在有很多人使用sha384代码签名证书。然而,如果你在vs2022之前使用它,似乎会出现一些问题,详细信息请参见此案例

对于ev代码签名,也许你可以尝试这篇文章


Rhom的更新:
我有一个开放的工单,以及更详细的问题说明,可以在这里找到:

https://github.com/dotnet/deployment-tools/issues/256

英文:

In the problem I'm having, many people now use sha384 code signing certificates.

However, if you use it before vs2022, it seems that there will be some problems, see this case for details.

For ev code signing maybe you can try this article.


Rhom's Update:
I have an open ticket and more detailed explanation of the issue here

https://github.com/dotnet/deployment-tools/issues/256

huangapple
  • 本文由 发表于 2023年2月6日 09:24:15
  • 转载请务必保留本文链接:https://go.coder-hub.com/75356624.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定