-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Provided a means to force the use of legacy MakeCert when the new Pow…
…erShell replacement is available, and automatically applied that in the event a client calling generateTrustCerts wants to do so without a key password (which is no longer an option using the new method). Some refactoring in code_sign module.
- Loading branch information
BuvinJ
committed
Feb 11, 2021
1 parent
4d52ffe
commit b86b7b0
Showing
3 changed files
with
90 additions
and
61 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,24 @@ | ||
from distbuilder import( SelfSignedCertConfig, | ||
getPassword, generateTrustCerts, buildTrustCertInstaller ) | ||
getPassword, generateTrustCerts, buildTrustCertInstaller ) | ||
|
||
companyTradeName = "Some Company" | ||
companyLegalName = "Some Company Inc." | ||
iconFilePath = "../../hello_world_tk/demo.ico" | ||
password = getPassword( isGuiPrompt=True ) | ||
|
||
# generate code signing files to retain (securely!) in house | ||
caCertPath, pfxFilePath = generateTrustCerts( | ||
SelfSignedCertConfig( companyTradeName ), pfxPassword=password, isOverwrite=True ) | ||
# Supply a PFX password using one of the following options. | ||
password = getPassword( isGuiPrompt=True ) | ||
#password = None # click ok through the prompts if you really don't want a password! | ||
#password = "my-secure-password" | ||
|
||
# Generate code signing files to retain (securely!) in house | ||
# It is recommended you set isOverwrite=False in production, to prevent | ||
# accidental losses of certs / keys. | ||
certConfig = SelfSignedCertConfig( companyTradeName ) | ||
caCertPath, keyFilePath = generateTrustCerts( | ||
certConfig, keyPassword=password, isOverwrite=True ) | ||
|
||
# build an installer to distribute to users | ||
buildTrustCertInstaller( | ||
companyTradeName, caCertPath, pfxFilePath, pfxPassword=password, | ||
companyTradeName, caCertPath, keyFilePath, keyPassword=password, | ||
companyLegalName=companyLegalName, iconFilePath=iconFilePath, | ||
isSilent=False, isDesktopTarget=True, isTest=True ) |