Authenticode sign the PowerShell scripts and assemblies #501

Closed
ferventcoder opened this Issue Dec 7, 2015 · 3 comments

Projects

None yet

2 participants

@ferventcoder
Member

One of the things we'll want to do for added security and for companies that need all scripts signed is to sign the PowerShell scripts.

https://groups.google.com/d/msgid/chocolatey/a476ca1e-85b0-4c53-816e-5621ef22ca9e%40googlegroups.com

@ferventcoder ferventcoder self-assigned this Dec 7, 2015
@ferventcoder ferventcoder added this to the 0.9.10 milestone Dec 7, 2015
@lboening

👍 Yes, this is irritating.

@ferventcoder ferventcoder referenced this issue in chocolatey/chocolatey.org Mar 25, 2016
Closed

Sign the install scripts #373

@ferventcoder ferventcoder changed the title from Sign the powershell scripts to Sign the powershell scripts and assemblies Mar 25, 2016
@ferventcoder ferventcoder added 3 - Done and removed 2 - Working labels Mar 25, 2016
@ferventcoder ferventcoder added a commit that referenced this issue Mar 25, 2016
@ferventcoder ferventcoder (GH-501) Sign Assemblies/PowerShell Files
To provide trust and more security in choco, signing the assemblies
is a very important aspect. Sign assemblies and PowerShell files
during the build process just before packaging the files into
the Chocolatey package.

 - Sign all assemblies - choco.exe, chocolatey.dll and the shims.
 - Sign all the PowerShell files.
6171ccf
@ferventcoder ferventcoder added a commit that referenced this issue Mar 25, 2016
@ferventcoder ferventcoder Merge branch 'stable'
* stable:
  (doc) update changelog/nuspec
  (GH-501) Sign Assemblies/PowerShell Files
  (build) formatting
  (build) fix windows powershell path
  (doc) add example gifs
  (GH-670) Search enhancements
  (GH-668) Search should sort by version desc
  (GH-412) Allow filtering subcommands by match
ee0254a
@ferventcoder
Member

This is shipping in the latest beta for 0.9.10 in a few minutes

@ferventcoder ferventcoder added a commit that referenced this issue Mar 25, 2016
@ferventcoder ferventcoder (GH-501) build fixes 593db2b
@ferventcoder ferventcoder added a commit that referenced this issue Mar 25, 2016
@ferventcoder ferventcoder Merge branch 'stable'
* stable:
  (GH-501) build fixes
76f47ef
@ferventcoder ferventcoder added a commit to ferventcoder/choco that referenced this issue Mar 25, 2016
@ferventcoder ferventcoder (GH-501) sudo fix the build 201a866
@ferventcoder ferventcoder added a commit to ferventcoder/choco that referenced this issue Mar 25, 2016
@ferventcoder ferventcoder Merge branch 'stable'
* stable:
  (GH-501) sudo fix the build
329c797
@ferventcoder ferventcoder added a commit to ferventcoder/choco that referenced this issue Apr 9, 2016
@ferventcoder ferventcoder (GH-501) allow shutting off sign when no network
When there is no network available shutting off code signing should be
available.
3f99bcf
@ferventcoder ferventcoder added a commit to ferventcoder/choco that referenced this issue Apr 9, 2016
@ferventcoder ferventcoder Merge branch 'pr613-new' into stable
* pr613-new:
  (GH-501) allow shutting off sign when no network
  (GH-448) Add Output Directory for choco new
3d67a72
@ferventcoder ferventcoder added a commit to ferventcoder/choco that referenced this issue Apr 9, 2016
@ferventcoder ferventcoder Merge branch 'stable'
* stable:
  (GH-501) allow shutting off sign when no network
  (GH-448) Add Output Directory for choco new
  (maint) assume xml file is utf8
  (maint) formatting
  (GH-258) Switch for only using silent args provided
  (GH-682) Add summary log file
  (GH-644) Add info command
  (GH-646) Add detail/detailed for search/list
  (maint) template share location should be appropriate
  (build) add a run.codesign switch
8a436eb
@ferventcoder ferventcoder changed the title from Sign the powershell scripts and assemblies to Sign the PowerShell scripts and assemblies with a code certificate Apr 13, 2016
@ferventcoder ferventcoder changed the title from Sign the PowerShell scripts and assemblies with a code certificate to Authenticode sign the PowerShell scripts and assemblies Apr 15, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment