I currently try to automate and integrate the process of signing our msi
file using an EV certificate.
We have a windows machine with cygwin setup to which we connect from our CI machine. The exe files are built on CI and then copied over to the Windows machine to create msi files from them and then sign the msi files.
The problem is the automation of the signing process. We must(?) use a software called safenet authentication client
to unlock the certificate which sits on a usb stick.
The command I use to sign is C:\\Program Files (x86)\\Windows Kits\\10\\bin\\10.0.17763.0\\x86\\signtool.exe sign /tr http://timestamp.comodoca.com /td sha256 /fd sha256 /a \"c:\\Users\\hero\\installer.msi\"
When I'm logged in via VNC SafeNet shows me a popup where I have to enter the password for the token/certificate. But when logging in via ssh into the machine no popup is shown and signtool
immediately exists with an error: Error information: "Error: SignerSign() failed." (-2147023673/0x800704c7)
I guess this is because of no password could be provided.
We also thought about using something like https://getautoma.com to put in the password but if there is no popup shown then this also doesn't work.
Does anybody know how I could automate this workflow?
User contributions licensed under CC BY-SA 3.0