自动构建系统:基于硬件令牌的签名文件 [英] Automated Build System: hardware token based signing files
问题描述
您好,
如何使用基于令牌的签名流程对文件进行签名的任何想法如下:https://www.globalsign.com/en/code -signing-certificate /
通过 https解析代码签名的&span; 指南: //casecurity.org/强制使用私钥的硬件令牌。但是这应该如何与自动构建系统一起使用?让我说我想在我标记新版本之后获得带有来自TFS的签名二进制文件的
a nuget包...不再可能使用硬件令牌,不是吗?
发票
Kai
嗨Korla,Kai,
感谢您在此发帖。
没有关于此功能的信息现在在TFS中基于硬件令牌的签名文件。您可以创建自己的构建任务来实现:
https://www.visualstudio.com/en-us/docs/integrate/extensions/develop/add-build-task
> > 让我说我想在标记新版本之后获得带有TFS签名二进制文件的nuget包...不再可能使用硬件令牌了吗?
您可以使用NuGet Packager在以下链接中创建nuget包:
https://www.visualstudio.com/en-us/docs/build/steps/package/nuget-packager
您只需在标记新版本的任务之前添加此任务。然后你就可以获得包裹。
最好的问候
Limitxiao Gao
Hello,
any ideas how it should workd to sign files with a token based sign process like this: https://www.globalsign.com/en/code-signing-certificate/
Afaik the guidelines for code signing by https://casecurity.org/ forcing using a hardware token for the private key. But how this should work with automated build systems? Lets say i want to get
a nuget package with signed binaries from TFS after i tagged a new version...is not possible anymore with hardware tokens, isnt?
regards
Kai
Hi Korla,Kai,
Thank you for posting here.
There is no such feature about hardware token based signing files in TFS now. You could create your own build task to achieve that:
https://www.visualstudio.com/en-us/docs/integrate/extensions/develop/add-build-task
>>Lets say i want to get a nuget package with signed binaries from TFS after i tagged a new version...is not possible anymore with hardware tokens, isn't?
You could use the NuGet Packager to create nuget package in the following link:
https://www.visualstudio.com/en-us/docs/build/steps/package/nuget-packager
You just need to add this task before the task you tag a new version. Then you could get the package.
Best Regards
Limitxiao Gao
这篇关于自动构建系统:基于硬件令牌的签名文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!