You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jan 6, 2023. It is now read-only.
Patrick McCarty edited this page Nov 30, 2016
·
2 revisions
If swupd-client is built with the --enable-signature-verification configure option set, it will download a Manifest.MoM.sig file for the relevant version, which is a detached PKCS7 signature of the Manifest.MoM for the same version, and perform a verification of that signature.
However, swupd-server does not ship with support to create the detached signature. Instead, the signature must be created separately. One option is to use the mixer-tools as part of your DevOps flow, which supports creating the signature using a configurable path to a certificate. See the sign_manifest_mom() function in the helpers file.