Re: OT - a new release of WinSignHelper for macOS

Thu, 20 Jul 2023 14:20:37 -0700 


> Am 20.07.2023 um 17:21 schrieb J. Landman Gay via use-livecode 
> <use-livecode@lists.runrev.com>:
> 
> Thanks Matthias. I've been reading about it and I think the cert is stored on 
> the machine but it is tied to that computer and not exportable.


> If you get a new computer you need to buy a new certificate.
I don't think that is true. The new type of certificate has to be stored on a 
secure device. That's what the eToken is for. The private key is also stored on 
the eToken and the certificate and the private key cannot be exported. You 
should be able to use that token on multiple computers. You just have to 
install the eToken driver to an other computer and attach the eToken to it.

This is what Trustzone is saying about it:
"The token-based type of Standard Code Signing certificates can also be used on 
multiple computers. The same goes for token-based EV certificates. But no 
token-based certificate can ever be used simultaneously on two computers since 
the SafeNet token can only be plugged into one computer at a time."

As i never had such eToken, i do not know, if the certificate and the private 
key can be accessed as files through Finder. And what extension do they have. 
I've read the osslsigncode can use also certificates and key files with .cem 
extension. 
So if the eToken contains such files, WinSignHelper could be slightly adjusted 
to work with the eToken. But that's just an assumption.

Matthias


> So I don't think I'll experiment, and we'll just do the whole thing on the 
> Windows box.
> 
> The sad part is that if we'd renewed just a couple of weeks earlier we'd have 
> been within the cutoff date and could have purchased the old type of 
> certificate.
> 
Same here. I was about 5 days to late otherwise i could have ordered the olde 
type.


> If anyone else has used the new token hardware I'd be grateful for any tips 
> or suggestions. This is all new to me.

I am using a cloud based OV certificate from Certum. I just need to install the 
Software SimplySign Desktop. The software "integrates" the certificate into 
Windows' certificate storage (or what ever this is called) after i logged in 
using that SimplySign Desktop software.
Microsoft's signtool can then directly access the certificate.


> --
> Jacqueline Landman Gay | jac...@hyperactivesw.com
> HyperActive Software | http://www.hyperactivesw.com
> On July 19, 2023 4:20:23 PM matthias rebbe via use-livecode 
> <use-livecode@lists.runrev.com> wrote:
> 
>> To be honest, i do not know.
>> I am currently using a cloud code signing certificate which i can only use 
>> on Windows.
>> I've chosen the cloud version because of the price, but later i noticed that 
>> it seems that those cloud certificates cannot be used on macOS.
>> Or maybe they can, but i do not know how, especially with ossl signcode
>> WinSignHelper uses ossl signcode and currently that tool needs a path to a 
>> certificate
>> 
>> Do you know where the certificate is stored with the eToken solution? Is it 
>> stored also on the eToken or anywhere else on the Mac?
>> If you have the certificate as a physical file it maybe could be possible to 
>> select that file in the WinSignHelper prefs.
>> 
>> But as  i alread wrote, i really don't know exactly.
>> 
>> I am currently thinking of purchasing a 2nd certificate as eToken solution, 
>> but there is not yet a decision made, if i should spent money for this, as i 
>> have a working cloud certificate which expires in 3 years.
>> 
>> Regards,
>> Matthias
>> 
>>> Am 19.07.2023 um 22:53 schrieb J. Landman Gay via use-livecode 
>>> <use-livecode@lists.runrev.com>:
>>> 
>>> @Matthias: does the upgraded WinSignHelper work with the new hardware 
>>> eTokens? Those are required now.
>>> 
>>> If so, do the instructions change on how to use your tool?
>>> 
>>> 
>>> On 12/23/22 10:44 AM, matthias rebbe via use-livecode wrote:
>>>> i've upgraded my free tool WinSignHelper.
>>>> For those who do not know what WinSignHelper is...
>>>> It's a GUI for osslsigncode. Osslsigncode is command line tool that can do 
>>>> the Authenticode signing and timestamping. With it you can code sign 
>>>> Windows applications  using an appropriate code signing certificate.
>>>> You just drag a folder with your Windows application into WinSignHelper 
>>>> and it signs all components of your standalone (.exe and .dll).
>>>> WinSignHelper Help section gives enough information about how to install 
>>>> osslsigncode.
>>>> So if anyone is interested in testing....
>>>> The version is  notarized and is an universal build for X86 and Arm
>>>> Zip
>>>> https://dl.qck.nu/?dl=WinSignHelper_universal.zip
>>>> DMG
>>>> https://dl.qck.nu/?dl=WinSignHelper_universal.dmg
>>>> Hope this is of help for one or the other.
>>> 
>>> 
>>> --
>>> Jacqueline Landman Gay         |     jac...@hyperactivesw.com
>>> HyperActive Software           |     http://www.hyperactivesw.com
>>> 
>>> 
>>> _______________________________________________
>>> use-livecode mailing list
>>> use-livecode@lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your 
>>> subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>> 
>> 
>> _______________________________________________
>> use-livecode mailing list
>> use-livecode@lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your subscription 
>> preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
> 
> 
> 
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription 
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode

_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode






















					Reply via email to