feat(build): code-sign Windows binaries #884
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We're using
osslsigncode
to code-sign Windows binaries; to do that, we're told...There wasn't much (any) information on how to generate an SPC so I've used the following command:
This code generates a self-signed X.509 certificate using the RSA private key generated by the
openssl req
command. The private key is saved in a file namedprivate_key.pem
, and the certificate is saved in a file namedspc.pem
. The-x509
option specifies that a self-signed certificate should be generated, while the-newkey
option specifies that a new private key should be generated. The-nodes
option specifies that the private key should not be encrypted. The-days
option specifies the certificate's validity period, which is set to 365 days. This command is commonly used to generate a self-signed certificate for testing or development purposes.I then tested the changes in this PR by running goreleaser locally...