New signing rules - how will SB respond?

**MarkRiffey** · 08-22-2023, 04:14 PM

Friedrich,

I am sure you are aware of the new code signing rules for certificates sold after June 1, 2023.

How is SB going to function in that environment? It's curious, particularly as it relates to vendors offering HSM signatures that live somewhere in the cloud (AWS and others).

Some online services are popping up now (including the AWS HSM one I mentioned previously), and it appears that all of them will require 2 passes (at best) to sign an installers files (wildcarded) and then to sign the installer.

The more passes, the more you pay.

Mark

**linder** · 08-28-2023, 01:08 PM

Hi Mark,

at the moment, SB only supports software-based (traditional) and EV code-signing certificates. Code-signing is handled by Microsoft SignTool.

Do you have such a certificate available that lives on AWS?

Friedrich

**MarkRiffey** · 08-28-2023, 04:59 PM

Friedrich,

We set it up, but the ongoing costs were prohibitive given that we didn't know if we'd be able to use it. Result: We turned it off for now.

Until we can do that, I may have to move builds from AWS back to my house, which is really undesirable. Or at least move signing to my house and ship files back and forth. Also undesirable.

Mark

**linder** · 08-29-2023, 08:28 AM

Hi Mark,

all this (new and old <g>) certificate stuff is a nightmare..........

Friedrich

**linder** · 08-30-2023, 08:56 AM

Mark,

I have requested information from several providers on how to use the new "code-signing in the cloud" stuff. Not too much information available right now...

Friedrich

**MarkRiffey** · 10-03-2023, 08:24 AM

IIRC, there are several SAAS based providers, plus AWS (and I suspect, Azure). I havent looked much beyond that. One of our guys is handling it.

**MarkRiffey** · 10-14-2023, 03:42 PM

BTW, we found another way to get HSM to work without paying $1000 a month for a HSM instance. Will eventually get this written up on ClarionHub.com

**linder** · 10-17-2023, 10:34 AM

WOW. Could you please keep me posted on how this work (for you)?

Thanks,
Friedrich

**MarkRiffey** · 10-17-2023, 10:45 AM

It's working fine. Already in production in our cloud.

**linder** · 10-17-2023, 10:58 AM

Very cool! It would be great if we could work on this so we have a built-in solution in SB...

Friedrich

Thread: New signing rules - how will SB respond?

Thread Tools

Display

New signing rules - how will SB respond?

Re: New signing rules - how will SB respond?

Re: New signing rules - how will SB respond?

Re: New signing rules - how will SB respond?

Re: New signing rules - how will SB respond?

Re: New signing rules - how will SB respond?

Re: New signing rules - how will SB respond?

Re: New signing rules - how will SB respond?

Re: New signing rules - how will SB respond?

Re: New signing rules - how will SB respond?

Thread Information

Users Browsing this Thread

Tags for this Thread

Posting Permissions