try 3: windows sign config (#52)

2025-04-29 16:44:31 -07:00
parent 48a6c4f92d
commit 9999ab6bf7
2 changed files with 3 additions and 4 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -53,6 +53,7 @@ jobs:
          echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV" 
          echo "SM_CLIENT_CERT_FILE=D:\\Certificate_pkcs12.p12" >> "$GITHUB_ENV" 
          echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$GITHUB_ENV"
+          smctl windows certsync --keypair-alias=${{ secrets.DIGICERT_KEYPAIR_ALIAS }}
        shell: bash
      - name: Code signing with Software Trust Manager
        if: contains(matrix.os.name, 'windows')
--- a/forge.config.ts
+++ b/forge.config.ts
@@ -67,12 +67,10 @@ const config: ForgeConfig = {
  makers: [
    new MakerSquirrel({
      windowsSign: {
-        // signWithParams:
-        // '/csp "DigiCert Signing Manager KSP" /kc <keypair_alias> /f <certificate_file> /tr http://timestamp.digicert.com /td SHA256 /fd SHA256',
        certificateFile: process.env.SM_CLIENT_CERT_FILE,
        certificatePassword: process.env.SM_CLIENT_CERT_PASSWORD,
-        signToolPath:
-          "C:\\Program Files\\DigiCert\\DigiCert Keylocker Tools\\smctl.exe",
+        // signToolPath:
+        //   "C:\\Program Files\\DigiCert\\DigiCert Keylocker Tools\\smctl.exe",
        signWithParams: `/sha1 ${process.env.SM_CODE_SIGNING_CERT_SHA1_HASH} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256`,
      },
    }),