Visual studio 当我从atlassian竹子运行时,signtool无法对安装程序进行签名
我正在尝试将Bambol的代码签名自动化,以实现内部安全措施 签名命令:Visual studio 当我从atlassian竹子运行时,signtool无法对安装程序进行签名,visual-studio,code-signing,bamboo,code-signing-certificate,signtool,Visual Studio,Code Signing,Bamboo,Code Signing Certificate,Signtool,我正在尝试将Bambol的代码签名自动化,以实现内部安全措施 签名命令: signtool.exe sign /v /debug /f "\\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /t "http://timestamp.verisign.com/scripts/timstamp.dll" "c:\test\installer.msi" 我使用的是我们IT部门内部生成的证书,格式为.pfx 核查: signtoo
signtool.exe sign /v /debug /f "\\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /t "http://timestamp.verisign.com/scripts/timstamp.dll" "c:\test\installer.msi"
我使用的是我们IT部门内部生成的证书,格式为.pfx
核查:
signtool verify /pa "c:\test\installer.msi"
如果我从本地机器(与bamboo服务用户相同的用户)命令窗口运行,这两个命令都可以很好地工作。当我从Atlassian Bambol将其作为脚本任务运行时,它失败了
它在“完成添加附加存储”处停止。之后不会出现错误或成功消息
在下面,成功的签名打印在下面,这是我从localhost运行时所产生的
.........
Done Adding Additional Store
Successfully signed: c:\test\installer.msi
Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
这就是我在竹子上运行相同命令时看到的结果
build 20-Jan-2017 08:05:07 The following certificates were considered:
build 20-Jan-2017 08:05:07 Issued to: RnD Software Engineering
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <....>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <...........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <...........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 After EKU filter, 3 certs were left.
build 20-Jan-2017 08:05:07 After expiry filter, 3 certs were left.
build 20-Jan-2017 08:05:07 After Private Key filter, 1 certs were left.
build 20-Jan-2017 08:05:07 The following certificate was selected:
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 The following additional certificates will be attached:
build 20-Jan-2017 08:05:07 Issued to: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Issued by: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Expires: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 SHA1 hash: <........>
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07
build 20-Jan-2017 08:05:07 Done Adding Additional Store
非常感谢您的帮助。我使用不同的时间戳服务器解决了这个问题。下面的命令是从竹内联脚本任务中执行的
signtool.exe sign /v /debug /f "\\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /tr "http://sha1timestamp.ws.symantec.com/sha1/timestamp" "c:\test\installer.msi"
谢谢你发布这个。有趣的是/tr对你有用,而对我没有。我不得不改用/t,否则时间戳在我的竹竿作业中失败,出现了“此函数不受支持”之类的情况。
signtool.exe sign /v /debug /f "\\hostname\Cert$\Cerfile.pfx" /p "password" /d "Company name" /tr "http://sha1timestamp.ws.symantec.com/sha1/timestamp" "c:\test\installer.msi"