Uploaded image for project: 'Nuxeo ECM Build/Test Environment'
  1. Nuxeo ECM Build/Test Environment
  2. NXBT-706

Add Nuxeo code signing certificate to Windows slave VM

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Continuous Integration

      Description

      The certificate used to sign the Nuxeo Drive msi package is currently here: /opt/build/keystores/nss/work/nuxeo.com.pfx
      As the Windows slave don't have access to this shared folder, I copied it on each slave to:

      - Windows 7: C:\Users\Nuxeo\certificates\nuxeo.com.pfx
- XP: C:\Documents and Settings\Nuxeo\certificates\nuxeo.com.pfx

      This should be done in the VM used to instantiate new Windows slaves.

      Then for code signing I simply use:

      set CERTIFICATE_PATH="%USERPROFILE%\certificates\nuxeo.com.pfx"
set MSI_PROGRAM_NAME="Nuxeo Drive"
set TIMESTAMP_URL=http://timestamp.verisign.com/scripts/timstamp.dll

signtool sign /v /f %CERTIFICATE_PATH% /d %MSI_PROGRAM_NAME% /t %TIMESTAMP_URL% msi_path

signtool verify /v /pa msi_path

        Attachments

          Issue Links

          depends on

          User story - Created by Jira Software - do not edit or delete. Issue type for a user story. NXP-12981 Sign Mac OS and Windows Drive component

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: