|
| 1 | +<!DOCTYPE html> |
| 2 | +<html lang="en-us"> |
| 3 | + <head> |
| 4 | + <meta charset="utf-8"> |
| 5 | +<meta name="viewport" content="width=device-width, initial-scale=1.0"> |
| 6 | +<meta name="generator" content="Hugo 0.111.3"> |
| 7 | + |
| 8 | + |
| 9 | +<title>Our journey with SignPath - DB Browser for SQLite</title> |
| 10 | +<meta property="og:title" content="Our journey with SignPath - DB Browser for SQLite"> |
| 11 | + |
| 12 | + |
| 13 | + <link href='/favicon.ico' rel='icon' type='image/x-icon'/> |
| 14 | + |
| 15 | + |
| 16 | + |
| 17 | + |
| 18 | + |
| 19 | + |
| 20 | + |
| 21 | + |
| 22 | +<link href="https://sqlitebrowser.org/index.xml" rel="alternate" type="application/rss+xml" title="DB Browser for SQLite" /> |
| 23 | + |
| 24 | + |
| 25 | + |
| 26 | +<link rel="stylesheet" href="/css/fonts.css" media="all"> |
| 27 | + |
| 28 | +<link rel="stylesheet" href="/css/main.css" media="all"> |
| 29 | + |
| 30 | + |
| 31 | + |
| 32 | + |
| 33 | + |
| 34 | + </head> |
| 35 | + <body> |
| 36 | + <div class="wrapper"> |
| 37 | + <header class="header"> |
| 38 | + <nav class="nav"> |
| 39 | + <a href="/" class="nav-logo"> |
| 40 | + <img src="/images/sqlitebrowser.svg" |
| 41 | + width="50" |
| 42 | + height="50" |
| 43 | + alt="DB Browser for SQLite logo"> |
| 44 | + </a> |
| 45 | + <ul class="nav-links"> |
| 46 | + <li><a href="/about/">About</a></li> |
| 47 | + <li><a href="/dl/"><b>Download</b></a></li> |
| 48 | + <li><a href="/blog/">Blog</a></li> |
| 49 | + <li><a href="https://github.com/sqlitebrowser/sqlitebrowser/wiki">Docs</a></li> |
| 50 | + <li><a href="https://github.com/sqlitebrowser/sqlitebrowser">GitHub</a></li> |
| 51 | + <li><a href="https://gitter.im/sqlitebrowser/sqlitebrowser">Gitter</a></li> |
| 52 | + <li><a href="/stats/">Stats</a></li> |
| 53 | + <li><a href="https://www.patreon.com/db4s">Patreon</a></li> |
| 54 | + <li><a href="https://dbhub.io">DBHub.io</a></li> |
| 55 | + </ul> |
| 56 | +</nav> |
| 57 | + |
| 58 | + </header> |
| 59 | + |
| 60 | + |
| 61 | +<main class="content" role="main"> |
| 62 | + |
| 63 | + <article class="article"> |
| 64 | + |
| 65 | + <span class="article-duration">2 min read</span> |
| 66 | + |
| 67 | + |
| 68 | + <h1 class="article-title">Our journey with SignPath</h1> |
| 69 | + |
| 70 | + |
| 71 | + <span class="article-date">2024-11-08</span> |
| 72 | + |
| 73 | + |
| 74 | + <div class="article-content"> |
| 75 | + <h1 id="our-journey-with-signpath-code-signing-for-windows-binaries">Our Journey with SignPath: Code Signing for Windows Binaries</h1> |
| 76 | +<p>When distributing software, code signing is essential to ensure our users can trust the software they download, |
| 77 | +especially on an operating system like Windows that displays security warnings for unsigned software.</p> |
| 78 | +<p>So for us, code signing is not just an option, but a necessity to validate software binaries, prevent tampering, and |
| 79 | +for the convenience of our users.</p> |
| 80 | +<h2 id="a-little-background-on-this-journey">A Little Background on This Journey</h2> |
| 81 | +<p>It’s not difficult to code sign and notarize software binaries for Apple macOS. In fact, there’s only one option.</p> |
| 82 | +<p>However, for Windows binaries, there are a number of companies offering code signing services at varying costs, which |
| 83 | +made it difficult to choose. One of our team members learned about <a href="https://signpath.org">SignPath</a>, |
| 84 | +which provides free code signing services for FOSS projects, and it seemed like a logical choice for many reasons |
| 85 | +(“free and seems legit”), so we contacted the SignPath team.</p> |
| 86 | +<h2 id="the-challenge-we-faced">The Challenge We Faced</h2> |
| 87 | +<p>Getting started with code signing wasn’t difficult, as SignPath provided us with well-written documentation. However, |
| 88 | +our existing CI/CD platform - GitHub Actions - wasn’t supported by SignPath, so we needed to configure a new CI |
| 89 | +pipeline for AppVeyor to sign and deploy our software code.</p> |
| 90 | +<p>We learned that SignPath was also supporting GitHub Actions in a private beta, so we asked for access, which we |
| 91 | +received after a few weeks.</p> |
| 92 | +<p>There have been some minor bugs in the integration with GitHub Actions, but after reaching out to the SignPath team |
| 93 | +they were fixed within a few days.</p> |
| 94 | +<p>As a result, we’re now successfully deploying code-signed Windows binaries to our users using our existing GitHub |
| 95 | +Actions.</p> |
| 96 | +<h2 id="personal-impressions-and-reflections">Personal Impressions and Reflections</h2> |
| 97 | +<p>We are now able to distribute code-signed Windows binaries to our users thanks to <a href="https://about.signpath.io/documentation/signing-code">SignPath’s well-written |
| 98 | +documentation</a>, quick response to issues, and friendly support.</p> |
| 99 | +<p>We also appreciate the fact that they don’t put a financial burden on FOSS projects. :D</p> |
| 100 | +<p>If you’re looking to get your code signed for Windows binaries, I highly recommend that you consider working with the |
| 101 | +awesome <a href="https://signpath.org/apply">SignPath team</a>.</p> |
| 102 | +<p>Finally, a huge thanks to <a href="https://about.signpath.io/team">the SignPath team</a>, and also a huge thanks to the users who |
| 103 | +love our application. :)</p> |
| 104 | +<h2 id="further-information">Further information</h2> |
| 105 | +<ul> |
| 106 | +<li><a href="https://signpath.org/about">SignPath Code Signing for Open Source Software projects</a></li> |
| 107 | +<li><a href="https://signpath.io/code-signing">SignPath Code Signing for Commercial projects</a></li> |
| 108 | +<li><a href="https://about.signpath.io/documentation/signing-code">Documentation for SignPath Code Signing</a></li> |
| 109 | +</ul> |
| 110 | + |
| 111 | + </div> |
| 112 | + </article> |
| 113 | + |
| 114 | + |
| 115 | + |
| 116 | + |
| 117 | +</main> |
| 118 | + |
| 119 | + <footer class="footer"> |
| 120 | + <ul class="footer-links"> |
| 121 | + <li> |
| 122 | + <a href="https://sqlitebrowser.org/index.xml" type="application/rss+xml" target="_blank">RSS feed</a> |
| 123 | + </li> |
| 124 | + <li> |
| 125 | + <a href="https://twitter.com/sqlitebrowser" target="_blank">Twitter</a> |
| 126 | + </li> |
| 127 | + <li> |
| 128 | + <a href="/privacy-policy">Privacy policy</a> |
| 129 | + </li> |
| 130 | + </ul> |
| 131 | + <br /> |
| 132 | + </footer> |
| 133 | + </div> |
| 134 | + |
| 135 | + |
| 136 | + |
| 137 | + |
| 138 | + |
| 139 | +<script> |
| 140 | +(function(f, a, t, h, o, m){ |
| 141 | + a[h]=a[h]||function(){ |
| 142 | + (a[h].q=a[h].q||[]).push(arguments) |
| 143 | + }; |
| 144 | + o=f.createElement('script'), |
| 145 | + m=f.getElementsByTagName('script')[0]; |
| 146 | + o.async=1; o.src=t; o.id='fathom-script'; |
| 147 | + m.parentNode.insertBefore(o,m) |
| 148 | +})(document, window, '//stats.sqlitebrowser.org/tracker.js', 'fathom'); |
| 149 | +fathom('set', 'siteId', 'DWUMT'); |
| 150 | +fathom('trackPageview'); |
| 151 | +</script> |
| 152 | + |
| 153 | + |
| 154 | + |
| 155 | + |
| 156 | + <script src="https://utteranc.es/client.js" |
| 157 | + repo="sqlitebrowser/website" |
| 158 | + issue-term="pathname" |
| 159 | + label="utterances" |
| 160 | + theme="github-light" |
| 161 | + crossorigin="anonymous" |
| 162 | + async> |
| 163 | +</script> |
| 164 | + |
| 165 | + |
| 166 | + </body> |
| 167 | +</html> |
| 168 | + |
0 commit comments