Vincent Parrett 746 Posted October 25 (edited) Hi All We have developed a client/server product to handle code signing. This makes it simple to code sign from any machine and avoid the dreaded token password prompts. It also supports file based certificates for those who still have valid ones! The client is a single exe (with a similar command line interface to signtool.exe) - 64 bit windows 10/Server 2016 or later (may run on earlier versions but not tested). The server is supported on Windows 10/Server 2016 or later (may run on earlier versions but not tested). Linux support for the server is planned (we have it building but have not tested yet). The server has a web interface for configuring it (adding certificates, managing users etc). We have tested with Safenet tokens (with our own cert) and with Yubikey tokens (with self signed cert). It should work with any token that provides a 64bit pkcs#11 2.4 library dll. We are especially interested in hearing from people with Yubikey tokens (since we have only tested with self signed cert). The token needs to be available to the server machine, either plugged in directly or via usb passthrough for vms, or via virtualhere. We’re still working on docs but it’s pretty simple to get up and running with it, we’ll provide some instructions with the download info etc. If you are interested in testing this product email support @ finalbuilder.com - let us know what kind of token you have. Edited October 25 by Vincent Parrett fixed images 10 Share this post Link to post
Mark- 27 Posted Sunday at 08:31 PM > We are especially interested in hearing from people with Yubikey tokens Which Yubikey series would you support? And would code signing be able to be automated with your "client/server product"? Share this post Link to post
Vincent Parrett 746 Posted Sunday at 09:13 PM 18 minutes ago, Mark- said: Which Yubikey series would you support? Any yubikey capable of containing a code signing certificate and supported by the yubikey pkcs#11 driver (installed with their PIV tool). We have tested with a 5C and a 5 Nano. 28 minutes ago, Mark- said: And would code signing be able to be automated with your "client/server product"? Yes, that's the main reason we developed the product (for our own use initially) - once you have configured the token/certificate on the server (via the web interface) then signing is done using the client with an api key - no password prompts. PM me if you are interested in testing - we're currently working on documentation and the website with a view to releasing as soon as they are done ( we have had some great feedback already). Also if anyone has a certificate issued by Certum and wants to test Signotuar please message me - I have a certum token/smartcard - but they didn't provide the puk so I can install certs on it for testing. 1 Share this post Link to post
![Delphi-PRAXiS [en]](https://en.delphipraxis.net/uploads/monthly_2018_12/logo.png.be76d93fcd709295cb24de51900e5888.png){kind=logo}
