VSTS / DevOps:如何获取清单签名证书 [英] VSTS/DevOps: how to get certificate for manifest signing
问题描述
大家好,
过去,我们使用VSTS构建代理,在本地构建计算机上运行域帐户。在这种情况下,证书可以存储到域帐户个人存储中(手动,通过此帐户登录一次)。所以后来的构建可以
通过指纹获取证书以进行签名,例如清单。
in the past, we used VSTS build agents, running with domain accounts on on-prem build machines. In such scenario, certificates could be stored into the domain accounts personal store (manually, by logging in once with this account). So a later build could get the certificates by thumbprint for signing e.g. a manifest.
现在,代理以"网络服务"运行,因为我们不再拥有本地域(全部移动到Azure AD)。所有工作,除了从商店检索证书。我已经使用mmc管理单元连接到服务(VSTSAgent),
并将安装的证书安装到此个人存储中,但仍然构建失败并显示"错误MSB3323:无法找到证书存储区中的清单签名证书。"。
Now, the agents run with "Network Service", because we no longer have a local domain (all moved to Azure AD). All works, except the retrieval of certificates from the store. I already used the mmc snap-in to connect to the service (VSTSAgent), and installed certificates to this personal store, but still the build fails with "Error MSB3323: Unable to find manifest signing certificate in the certificate store.".
如果我登录到计算机并从VS内部运行,一切正常,但当然我在这里使用不同的帐户(使用不同的个人商店),但这至少告诉我该解决方案&项目很好。管道也是可以的,因为
它们仍然可以在"旧"管道上正常工作。使用域帐户的构建机器。
If I log-on to the machine and run from within VS, all works well, but of course here I am using a different account (with a different personal store), but this at least tells me that solution & projects are fine. And the pipelines are OK as well, because they still work OK on the "old" build-machines that use a domain account.
因此,如果有人有想法或者可以指出一些有关如何使用VSTSAgent作为"网络服务"运行的信息。与签名(来自证书商店)一起,非常感谢。
So, if anyone has an idea or can point me to some information on how to use the VSTSAgent running as "Network Service" together with signing (from the certificate store), that highly appreciated.
非常感谢,塞巴斯蒂安
推荐答案
嗨塞巴斯蒂安,
欢迎来到MSDN论坛。
至于我知道,我们可以将帐户更改为服务登录。单击"开始"并搜索"服务"以打开"服务"窗口,右键单击"vsts代理服务"并选择"
属性 - 登录",然后使用您用于登录计算机的本地帐户修改帐户。
同时,因为你的问题是关于Azure DevOps和我们的论坛是讨论VS IDE,你也可以打开一个新线程 stack
溢出 带有'Azure DevOps'标记
或 DevelopmentCommunity 到
寻求更好的支持,谢谢你的理解。
Meanwhile, since your issue is about the Azure DevOps and our forum is to discuss the VS IDE, you can also open an new thread on the stack overflowwith ‘Azure DevOps’ tag or DevelopmentCommunity to seek for a better support, thank you for your understanding.
最好的问候,
Sara
这篇关于VSTS / DevOps:如何获取清单签名证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
