英文:
How to EV code-sign ClickOnce applications?
问题
如何处理这个问题?
我们之前是通过 SSL.com 使用 EVCS + 硬件令牌(Yubikey)来签署我们的代码,但最近遇到了很多问题。现在似乎不再支持这种方法:https://www.ssl.com/blogs/new-minimum-rsa-key-size-for-code-signing-certificates/
作为一个临时解决方案,我们正在使用他们的 eSigner 解决方案,但发现它非常昂贵,不透明,并且存在可疑的计费方式。
目前签署 ClickOnce 部署使用 Visual Studio 的最佳实践是什么?其他人是如何签署他们的应用程序的?是否有更好的替代方案?
英文:
How is everyone else doing this?
We were previously signing our code using EVCS + hardware token (Yubikey) via SSL.com but have recently had alot of issues. It now appears as though this is no longer supported: https://www.ssl.com/blogs/new-minimum-rsa-key-size-for-code-signing-certificates/
As an interim solution we are using their eSigner solution but have found it very expensive, not transparent and with dubious billing practices.
What is the current best practice for signing ClickOnce deployment using Visual Studio? How is everyone else signing their applications? Is there a better alternative?
答案1
得分: 1
在我遇到的问题中,现在有很多人使用sha384代码签名证书。然而,如果你在vs2022之前使用它,似乎会出现一些问题,详细信息请参见此案例。
对于ev代码签名,也许你可以尝试这篇文章。
Rhom的更新:
我有一个开放的工单,以及更详细的问题说明,可以在这里找到:
https://github.com/dotnet/deployment-tools/issues/256
英文:
In the problem I'm having, many people now use sha384 code signing certificates.
However, if you use it before vs2022, it seems that there will be some problems, see this case for details.
For ev code signing maybe you can try this article.
Rhom's Update:
I have an open ticket and more detailed explanation of the issue here
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论