You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/packaging/signing.mdx
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -56,10 +56,10 @@ Signing relies on `signtool.exe` which is only supported on Windows. If you are
56
56
1. First you will need to create an Azure account at: https://azure.microsoft.com/pricing/purchase-options/azure-account?icid=trusted-signing. This account will need to have an [active subscription](https://learn.microsoft.com/azure/cost-management-billing/manage/create-subscription#create-a-subscription).
57
57
0. Register the Azure Trusted Signing [resource provider](https://learn.microsoft.com/azure/azure-resource-manager/management/resource-providers-and-types). This can be done either in the Azure portal, or via the Azure CLI by following [these instructions](https://learn.microsoft.com/azure/trusted-signing/quickstart?tabs=registerrp-portal%2Caccount-portal%2Corgvalidation%2Ccertificateprofile-portal%2Cdeleteresources-portal#register-the-trusted-signing-resource-provider).
58
58
0. Create the Azure Trusted Signing resource by following [these instructions](https://learn.microsoft.com/azure/trusted-signing/quickstart?tabs=registerrp-portal%2Caccount-portal%2Corgvalidation%2Ccertificateprofile-portal%2Cdeleteresources-portal#create-a-trusted-signing-account). Note the name and region that you select, as you will use these values later for the `CodeSigningAccountName` and `Endpoint` values respectively, in the signing configuration JSON file.
59
-
0. Create an identity validation request by following [these instructions](https://learn.microsoft.com/azure/trusted-signing/quickstart?tabs=registerrp-portal%2Caccount-portal%2Corgvalidation%2Ccertificateprofile-portal%2Cdeleteresources-portal#create-an-identity-validation-request). This step must be done in the Azure Portal. The identity validation can either be done for an Organization or an Individual developer. This process make take a while as the identity infomration is verified by Microsoft. Return to these steps after the identity validation process is completed.
59
+
0. Create an identity validation request by following [these instructions](https://learn.microsoft.com/azure/trusted-signing/quickstart?tabs=registerrp-portal%2Caccount-portal%2Corgvalidation%2Ccertificateprofile-portal%2Cdeleteresources-portal#create-an-identity-validation-request). This step must be done in the Azure Portal. The identity validation can either be done for an Organization or an Individual developer. This process make take a while as the identity information is verified by Microsoft. Return to these steps after the identity validation process is completed.
60
60
0. Create a certificate profile by following [these instructions](https://learn.microsoft.com/azure/trusted-signing/quickstart?tabs=registerrp-portal%2Caccount-portal%2Corgvalidation%2Ccertificateprofile-portal%2Cdeleteresources-portal#create-a-certificate-profile). There are multiple [trust models](https://learn.microsoft.com/azure/trusted-signing/concept-trusted-signing-trust-models) that are supported. The Public Trust model is the most common and is suitable for most applications. Note the name of the certificate profile as you will use this value later as the `CertificateProfileName` in the signing configuration JSON file.
61
-
0. Velopack comes bundled with a version of [signtool.exe](https://learn.microsoft.com/azure/trusted-signing/how-to-signing-integrations#download-and-install-signtool) (x64) and the [dlib package](https://learn.microsoft.com/azure/trusted-signing/how-to-signing-integrations#download-and-install-the-trusted-signing-dlib-package) that is compatible with Azure Trusted Signing. These components [require the .NET 8.0 Runtime](https://learn.microsoft.com/azure/trusted-signing/how-to-signing-integrations#download-and-install-net-80-runtime) be installed on the machiene that will be performing the signing. You can find the latest version of the .NET 8.0 runtime [here](https://dotnet.microsoft.com/download/dotnet/8.0).
62
-
0. Setup authentication with Azure Trusted Signing. `signtool.exe` leverages the common [DefaultAzureCredentials](https://learn.microsoft.com/dotnet/api/azure.identity.defaultazurecredential?view=azure-dotnet) class for authenticating with Azure. This class supporta authenticating in a variety of ways, including the Azure CLI. After installing the Azure CLI, run `az login`. This will provide signtool.exe the authentication it needs when `vpk` invokes it. If you are running inside of the [GitHub Actions](https://github.com/marketplace/actions/azure-cli-action) or [Azure DevOps](https://learn.microsoft.com/azure/devops/pipelines/tasks/reference/azure-cli-v2?view=azure-pipelines) there is built in support that handles performing the needed authentication.
61
+
0. Velopack comes bundled with a version of [signtool.exe](https://learn.microsoft.com/azure/trusted-signing/how-to-signing-integrations#download-and-install-signtool) (x64) and the [dlib package](https://learn.microsoft.com/azure/trusted-signing/how-to-signing-integrations#download-and-install-the-trusted-signing-dlib-package) that is compatible with Azure Trusted Signing. These components [require the .NET 8.0 Runtime](https://learn.microsoft.com/azure/trusted-signing/how-to-signing-integrations#download-and-install-net-80-runtime) be installed on the machine that will be performing the signing. You can find the latest version of the .NET 8.0 runtime [here](https://dotnet.microsoft.com/download/dotnet/8.0).
62
+
0. Setup authentication with Azure Trusted Signing. `signtool.exe` leverages the common [DefaultAzureCredentials](https://learn.microsoft.com/dotnet/api/azure.identity.defaultazurecredential?view=azure-dotnet) class for authenticating with Azure. This class supports authenticating in a variety of ways, including the Azure CLI. After installing the Azure CLI, run `az login`. This will provide signtool.exe the authentication it needs when `vpk` invokes it. If you are running inside of the [GitHub Actions](https://github.com/marketplace/actions/azure-cli-action) or [Azure DevOps](https://learn.microsoft.com/azure/devops/pipelines/tasks/reference/azure-cli-v2?view=azure-pipelines) there is built in support that handles performing the needed authentication.
63
63
0. Create signing metadata JSON file. This file has three required paramters and an optional CorrelationId. The file should look like this:
0 commit comments