ClickOnce and VSTO Application Signing with Signotaur
Sign ClickOnce and VSTO applications easily with Signotaur. Automate manifest signing, ensure trusted publishers, and simplify your CI/CD builds.
Signotaur and Certificate Revocation Lists
We recently had a report from a customer that code signing using Signotaur was taking a long time - in this case around a minute to sign 1 file. This is obviously far too slow for practical use.
Code Signing with Inno Setup and Signotaur
Inno Setup has long supported code signing (since v5.2.4). Fortunately, the way the authors of Inno Setup implemented this feature makes it really easy to use custom tools to do the code signing. In this post we'll take a look at how to use Signotaur with Inno Setup.
Introducing Signotaur - Remote Code Signing Server
Over the last few years, code signing has changed somewhat. With the requirement that private keys be secured, many developers have run into the issues that USB tokens present, or the limitations and costs associated with cloud-based signing solutions. Gone are the days of sharing a PFX file around the dev team or with the CI server (unless you managed to snag a 3-year renewal just before the new requirements were enforced). Signotaur is a self hosted code signing server (and client) that makes sharing certificates simple, all whilst ensuring the private key never leaves the server.
Code Signing with USB Tokens
Big changes are coming for OV (Organisation Validation) code signing certificates - from (1 June 2023, extended from 15 November 2022), new and reissued publicly trusted organization validation (OV) and individual validation (IV) code signing certificates will have to be issued or stored on preconfigured secure hardware by the issuing certificate authority (CA) and the device must meet FIPS 140 Level 2, Common Criteria EAL 4+ or equivalent security standards.