-
-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Azure Trusted Signing - unable to retrieve certificate chain #266
Comments
Are you sure the token used the second time is valid? |
You're right, it's a very short-lived token. Would you have any ideas how is this meant to work in a CI environment then? I've looked around but it's not immediately obvious. |
Typically the token is retrieved during the build by calling:
So you need the Azure CLI in your build environment and the credentials required to generate the token. |
Got it working, thanks. A combination of https://melatonin.dev/blog/code-signing-on-windows-with-azure-trusted-signing plus https://github.com/marketplace/actions/azure-login did the trick. |
Nice, I'm reopening the issue because the error reported could be improved. Jsign could hint about the expired token when receiving the "ClaimsPrincipal TenantId is null" error from Azure. |
Hi!
I successfully used this jsign to sign a Windows executable 3 days ago:
But when I try to use exactly the same command today, I get this:
The command is exactly the same. What could be going wrong?
The only external factor I noticed that changed is that Trusted Signing certificates only last 72h, so a new one got created today:
The text was updated successfully, but these errors were encountered: