Very useful info, thank you. Especially the part about using the token on
different machines. I was duped into believing everything I read on the
internet. :)
--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
On July 20, 2023 4:20:59 PM matthias rebbe via use-livecode
<use-livecode@lists.runrev.com> wrote:
Am 20.07.2023 um 17:21 schrieb J. Landman Gay via use-livecode
<use-livecode@lists.runrev.com>:
Thanks Matthias. I've been reading about it and I think the cert is stored
on the machine but it is tied to that computer and not exportable.
If you get a new computer you need to buy a new certificate.
I don't think that is true. The new type of certificate has to be stored on
a secure device. That's what the eToken is for. The private key is also
stored on the eToken and the certificate and the private key cannot be
exported. You should be able to use that token on multiple computers. You
just have to install the eToken driver to an other computer and attach the
eToken to it.
This is what Trustzone is saying about it:
"The token-based type of Standard Code Signing certificates can also be
used on multiple computers. The same goes for token-based EV certificates.
But no token-based certificate can ever be used simultaneously on two
computers since the SafeNet token can only be plugged into one computer at
a time."
As i never had such eToken, i do not know, if the certificate and the
private key can be accessed as files through Finder. And what extension do
they have. I've read the osslsigncode can use also certificates and key
files with .cem extension.
So if the eToken contains such files, WinSignHelper could be slightly
adjusted to work with the eToken. But that's just an assumption.
Matthias
So I don't think I'll experiment, and we'll just do the whole thing on the
Windows box.
The sad part is that if we'd renewed just a couple of weeks earlier we'd
have been within the cutoff date and could have purchased the old type of
certificate.
Same here. I was about 5 days to late otherwise i could have ordered the
olde type.
If anyone else has used the new token hardware I'd be grateful for any tips
or suggestions. This is all new to me.
I am using a cloud based OV certificate from Certum. I just need to install
the Software SimplySign Desktop. The software "integrates" the certificate
into Windows' certificate storage (or what ever this is called) after i
logged in using that SimplySign Desktop software.
Microsoft's signtool can then directly access the certificate.
--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
On July 19, 2023 4:20:23 PM matthias rebbe via use-livecode
<use-livecode@lists.runrev.com> wrote:
To be honest, i do not know.
I am currently using a cloud code signing certificate which i can only use
on Windows.
I've chosen the cloud version because of the price, but later i noticed
that it seems that those cloud certificates cannot be used on macOS.
Or maybe they can, but i do not know how, especially with ossl signcode
WinSignHelper uses ossl signcode and currently that tool needs a path to a
certificate
Do you know where the certificate is stored with the eToken solution? Is it
stored also on the eToken or anywhere else on the Mac?
If you have the certificate as a physical file it maybe could be possible
to select that file in the WinSignHelper prefs.
But as i alread wrote, i really don't know exactly.
I am currently thinking of purchasing a 2nd certificate as eToken solution,
but there is not yet a decision made, if i should spent money for this, as
i have a working cloud certificate which expires in 3 years.
Regards,
Matthias
Am 19.07.2023 um 22:53 schrieb J. Landman Gay via use-livecode
<use-livecode@lists.runrev.com>:
@Matthias: does the upgraded WinSignHelper work with the new hardware
eTokens? Those are required now.
If so, do the instructions change on how to use your tool?
On 12/23/22 10:44 AM, matthias rebbe via use-livecode wrote:
i've upgraded my free tool WinSignHelper.
For those who do not know what WinSignHelper is...
It's a GUI for osslsigncode. Osslsigncode is command line tool that can do
the Authenticode signing and timestamping. With it you can code sign
Windows applications using an appropriate code signing certificate.
You just drag a folder with your Windows application into WinSignHelper and
it signs all components of your standalone (.exe and .dll).
WinSignHelper Help section gives enough information about how to install
osslsigncode.
So if anyone is interested in testing....
The version is notarized and is an universal build for X86 and Arm
Zip
https://dl.qck.nu/?dl=WinSignHelper_universal.zip
DMG
https://dl.qck.nu/?dl=WinSignHelper_universal.dmg
Hope this is of help for one or the other.
--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode