Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cbi-dev] Signing third-party content

Hi Dirk,

We won't sign 3rd parties libraries on behalf of them. You need to reach out to the respective developers and ask them to provide binaries with hardened runtime enabled and signed.


Mikaël Barbero 
Team Lead - Release Engineering | Eclipse Foundation
🐦 @mikbarbero
Eclipse Foundation: The Platform for Open Innovation and Collaboration

Le 4 juin 2020 à 13:40, Dirk Fauth <dirk.fauth@xxxxxxxxxxxxxx> a écrit :


I tried to adapt the process to sign and notarize APP4MC. There openjfx and sqlite jdbc is included. For the binaries of those plugins I get notarization errors that they are not signed and do not include a secure timestamp. 

Is there any way that we can get those third-party libraries signed? Or what should be the process here? 

cbi-dev mailing list
To unsubscribe from this list, visit

Attachment: signature.asc
Description: Message signed with OpenPGP

Back to the top