Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [tycho-user] how to sign your executable (for now windows but also for mac?)

On Tue, 4 Feb 2020 at 12:34, Johan Compagner <jcompagner@xxxxxxxxxx> wrote:

there are a few examples 

but that points to org.eclipse.cbi stuff (and i dont see how i can say use our certificate)
but i would like to use this:

which is nice (and should be independent where you build it on, linux or windows) 

problem is when should that run?

If i could get the right moment to sign that file (i am searching for that also)
then still i think thats only the installation the full product that is then signed
But that the dir: com.servoy.eclipse.product\target\repository\binary

that i use as our p2 repository for updating stuff i think have then executable that are not signed by our certificate. So if somebody does an update and the exe file is updated (i think that happens right?) that has to come from there. but how is that signed?

do i need to try to sign this file as soon as possible?


ok signing that didn't work the really make sure our binary is signed everywhere

i really need to unzip , sign, zip stuff from the extraArtifacts dir that is generated 
and then really make sure everything is in the right order..

so first unzip (in the generate-resources phase)

and make sure that everything before that is also in the phase so everything from the publisher stuff

then sign it

then zip it again

and then let the tycho-p2-director-plugin do its thing.

say that it defaults to prepare-package, this is not true, they are in the package 
and for some reason it is very hard to then get the right order of stuff.

Is there no other way to really make sure it is signed correctly?

Back to the top