nextgens / authenticode-sign-action Goto Github PK
View Code? Open in Web Editor NEWThis action allows for authenticode code-signing using a key hosted on google key management service
This action allows for authenticode code-signing using a key hosted on google key management service
Getting the warning The following actions uses node12 which is deprecated and will be forced to run on node16: nextgens/[email protected]. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
Maybe it would be helpful to include a bit of documentation on how to add the key to KMS? There is not any easy documentation on this anywhere it seems and I am lost on how to do it.
I have a Sectigo EV code signing certificate on an eToken. Here is the relevant token information
Token name: ***
Token category: Hardware
Reader name: SafeNet eToken 5100/5110
Serial number (PKCS#11): 198***
Free space (minimum estimated): 71945
Hardware version: 0.0
Firmware version: N/A
Card ID (GUID): 0x79***
Product name: eToken 5110 CC (940)
Model: N/A
Card type: ID Prime MD
Applet Version: IDPrime Java Applet 4.4.2.A
Mask version: G286
Color: N/A
Supported key size: 4096 bits
Token Password: Present
Token Password retries remaining: 3
Maximum Token Password retries: 3
Token Password expiration: No expiration
Administrator Password: Present
Administrator Password retries remaining: 5
Maximum administrator Password retries: 5
FIPS: N/A
Common Criteria (CC): CC EAL5+ / PP QSCD
Token unlock objects: Administrator
Digital Signature PIN retries remaining: 3
Digital Signature PIN maximum retries: 3
Digital Signature PUK retries remaining: 3
Digital Signature PUK maximum retries: 3
Sign padding on-board: Yes
RSM: N/A
ECC: Supported
certificate
parameter description in https://github.com/marketplace/actions/authenticode-cloud-signer... How does one export the token as a .pem
file?Hi, Jsign now supports cloud signing services such as Google KMS. What about changing the action to use it instead of signtool? That would make the action cross platform and compatible with other services (Azure Key Vault and DigiCert ONE).
Could you please add to your README.md which certficates are supported by this action and where to buy them? Thanks!
Not everyone is using the same CA... so it probably makes sense to let people configure it
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.