Sign the 'nupkg' files; CLI:release/2.1.3xx (#9086)

johnbeisner · web-flow · commit 7d375481bc74 · 2018-04-17T16:53:03.000-07:00
* Sign the 'nupkg' files.
* Sign 'NuPkg' files with the 'NuGet' cert.
* Use "Microsoft402"
diff --git a/build/Signing.proj b/build/Signing.proj
@@ -5,6 +5,9 @@
     <!-- The signing infrastructure runs using MSBuild 14, which doesn't support some of the new syntax we're using.  So set the BuildingSingingProject
          property here to avoid importing files we don't need for signing which would cause errors if imported when using MSBuild 14. -->
     <BuildingSigningProject>true</BuildingSigningProject>
+    <ExternalCertificateId Condition="'$(ExternalCertificateId)' == ''">135020001</ExternalCertificateId>
+    <InternalCertificateId Condition="'$(InternalCertificateId)' == ''">Microsoft402</InternalCertificateId>
+    <NugetCertificateId Condition="'$(NugetCertificateId)' == ''">NuGet</NugetCertificateId>
   </PropertyGroup>
   
   <Import Project="..\dir.props" />
@@ -106,6 +109,10 @@
       <FilesToSign Include="$(PackagesDirectory)/**/*.cab">
         <Authenticode>$(InternalCertificateId)</Authenticode>
       </FilesToSign>
+      <FilesToSign Include="$(PackagesDirectory)/**/*.nupkg"
+                   Exclude="$(PackagesDirectory)/**/*symbols.nupkg">
+        <Authenticode>$(NugetCertificateId)</Authenticode>
+      </FilesToSign>
     </ItemGroup>
   </Target>
 
