signtool.exe sometimes cannot use the certificate because of the Private Key filter

dfr*_*ank 5 certificate amazon-ec2 signtool jenkins

On our build server we use signtool.exe to sign our artifacts.

The same arguments are passed to signtool.exe every time, but it intermittently fails or passes, because our certificate is not used due to the "Private Key filter".

We have been using this process for a while, but we started seeing failures on the morning of 27 March 2019.

We launch the signtool.exe process with the following arguments: sign /fd sha256 /f "cert.p12" /p certPass /du hostSiteHere /v /debug /tr timeStampUrl "fileNames"

Specs:
  • signtool.exe from the Windows 10 SDK
  • build server hosted in AWS as a Windows Server 2016 EC2 instance
  • Jenkins (v2.1.68) runs the builds using the Amazon EC2 plugin (v1.42)

Logs, depending on whether it passes or fails:

  • Pass
The following certificates were considered:
    Issued to: myCompany, Inc.
    Issued by: DigiCert SHA2 Assured ID Code Signing CA
    Expires:   Wed Oct 30 12:00:00 2019
    SHA1 hash: myCertSha1Hash
After EKU filter, 1 certs were left.
After expiry filter, 1 certs were left.
After Private Key filter, 1 certs were left.
The following certificate was selected:
    Issued to: myCompany, Inc.
    Issued by: DigiCert SHA2 Assured ID Code Signing CA
    Expires:   Wed Oct 30 12:00:00 2019
    SHA1 hash: myCertSha1Hash
The following additional certificates will be attached:
    Issued to: DigiCert SHA2 Assured ID Code Signing CA
    Issued by: DigiCert Assured ID Root CA
    Expires:   Sun Oct 22 12:00:00 2028
    SHA1 hash: digiCertSigningSha1Hash
Done Adding Additional Store
  • Fail
The following certificates were considered:
    Issued to: myCompany, Inc.
    Issued by: DigiCert SHA2 Assured ID Code Signing CA
    Expires:   Wed Oct 30 12:00:00 2019
    SHA1 hash: myCertSha1Hash
After EKU filter, 1 certs were left.
After expiry filter, 1 certs were left.
After Private Key filter, 0 certs were left.
No certificates were found that met all the given criteria.

Odd behaviour to note:

  • the same EC2 instance can run successfully and then fail later
  • a failing EC2 instance may start working if a user RDPs into it
  • the same certificate, signtool.exe and arguments are passed every time
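An added diagnostic, not from the question and not part of Microsoft's tooling, that checks the thing signtool's "Private Key filter" checks: whether the account running the build can actually open and use the private key inside the PFX. It loads the PFX under each X509KeyStorageFlags mode and signs a few bytes with the key, prints the profile and session context that differs between a process launched by the Jenkins agent and one launched in an RDP session, and parses the "After ... filter, N certs were left." lines that signtool /v /debug emits (the lines quoted above) so a build step can fail with a clear reason. The PFX path, password, signtool location and file to sign are assumptions to replace; run it as the same account the Jenkins agent uses.

```powershell
# Added diagnostic for the question above; not part of the original post.
# Assumed inputs (adjust for your server): PFX path, its password, the
# signtool.exe location and a file to sign.
param(
    [string]$PfxPath    = 'C:\build\cert.p12',      # assumption
    [string]$PfxPass    = 'certPass',               # assumption
    [string]$SignTool   = 'C:\Program Files (x86)\Windows Kits\10\bin\x64\signtool.exe',  # assumption
    [string]$FileToSign = 'C:\build\out\app.exe'    # assumption
)

# signtool keeps a certificate past its Private Key filter only if it can open
# a usable private key for it. Load the PFX under each key-storage mode and
# actually sign with the key, so the check mirrors what signtool needs.
function Test-PfxPrivateKey {
    param([string]$Path, [string]$Password)
    foreach ($flagName in 'DefaultKeySet', 'UserKeySet', 'MachineKeySet', 'EphemeralKeySet') {
        $r = [ordered]@{ KeyStorageFlag = $flagName; HasPrivateKey = $false; CanSign = $false; Error = $null }
        try {
            # EphemeralKeySet exists from .NET Framework 4.7.2; on an older runtime
            # the cast throws and the error is recorded instead of aborting.
            $flag = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]$flagName
            $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
                        -ArgumentList $Path, $Password, $flag
            $r.HasPrivateKey = $cert.HasPrivateKey
            $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
            if ($rsa) {
                $sig = $rsa.SignData([byte[]](1, 2, 3),
                    [System.Security.Cryptography.HashAlgorithmName]::SHA256,
                    [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)
                $r.CanSign = ($sig.Length -gt 0)
            }
        } catch {
            $r.Error = $_.Exception.Message
        }
        [pscustomobject]$r
    }
}

# Context that differs between "the agent launched it" and "someone RDP'd in":
# which account, whether a profile is loaded, and where a UserKeySet key
# container would be written (%APPDATA%\Microsoft\Crypto\RSA\<SID>).
function Get-KeyContext {
    $rsaDir = Join-Path $env:APPDATA 'Microsoft\Crypto\RSA'
    [pscustomobject]@{
        User            = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
        Interactive     = [Environment]::UserInteractive
        SessionId       = (Get-Process -Id $PID).SessionId
        UserProfile     = $env:USERPROFILE
        RsaKeyContainer = $rsaDir
        RsaDirExists    = Test-Path $rsaDir
    }
}

# Parse the per-filter counts from signtool /v /debug output, e.g.
#   "After Private Key filter, 0 certs were left."  ->  @{ 'Private Key' = 0 }
function Get-SignToolFilterCounts {
    param([string[]]$Lines)
    $counts = [ordered]@{}
    foreach ($line in $Lines) {
        if ($line.Trim() -match '^After (?<filter>.+?) filter, (?<n>\d+) certs? were left\.$') {
            $counts[$Matches.filter] = [int]$Matches.n
        }
    }
    [pscustomobject]$counts
}

'--- key-storage check ---'
Test-PfxPrivateKey -Path $PfxPath -Password $PfxPass | Format-Table -AutoSize
'--- context ---'
Get-KeyContext | Format-List

if (Test-Path $SignTool) {
    # Same switches as the build uses; stderr is merged and each record stringified.
    $out = & $SignTool sign /fd sha256 /f $PfxPath /p $PfxPass /v /debug $FileToSign 2>&1 |
           ForEach-Object { "$_" }
    $counts = Get-SignToolFilterCounts -Lines $out
    '--- signtool filter counts ---'
    $counts | Format-List
    if ($counts.'Private Key' -eq 0) {
        Write-Error "signtool dropped the certificate at the Private Key filter (EKU: $($counts.EKU), expiry: $($counts.expiry)); exit code $LASTEXITCODE"
        exit 1
    }
}
```

What the key-storage table makes visible is which storage mode the calling account can actually use: with the default (user) key set, loading a PFX writes a key container under the caller's profile, so an account whose profile is not loaded when the process starts can fail there while the same account in an interactive session succeeds. Whether that is what happens on these instances is something the context output, captured from a failing build and from a build after an RDP login, would confirm or rule out.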