[Feature]: Nuget Sign Support for CSP's and thus HSM's outside of the Windows Store #11437
Labels
Functionality:Signing
Priority:3
Issues under consideration. With enough upvotes, will be reconsidered to be added to the backlog.
Type:Feature
Comments
nkolev92
added
the
Priority:3
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
NuGet Product(s) Involved
NuGet.exe
The Elevator Pitch
Over at #5907 (comment) the parameters for CryptographicServiceProvider and KeyContainer were removed. I would like those added back.
Certificates are inherently ephemeral things. As it stands, I have to add my signing certificate to the Windows Cert Store as part of my Jenkins pipeline. Setting up my HSM is accomplished as part of setting up my Jenkins agent, which is fine. I would like to be able to inject my certificate dependency as part of my pipeline. Then I could just have a simple "nuget sign -CryptographicServiceProvider 'some_hsm_provider' -KeyContainer 'mycontainer' -CertificatePath 'mypath'"
The discussion on #5907 is not wrong in that the same goal can be accomplished with the use of the Windows Cert Store, which is what I'm doing. It would be nicer for the CI/CD setting to have a more direct way to sign packages.
Additional Context and Details
No response
The text was updated successfully, but these errors were encountered: