Signing Windows executables and Visual Studio Team Services

When you download a program from the internet and execute it, User Account Control warns you about the application you’re about going to start. When you start the Firefox installer, for example, you get a message like this:

Windows tells you who the publisher of this file is. In this case, it’s the Mozilla Corporation. In this way, it warns users who download a certain file, who the original publisher is. If the file has been tampered, the publisher will be reset into an “Unidentified Publisher”.

Visual Studio Team Services (VSTS) has build in tasks to sign iOS and Android applications, however there are no off the shelf solutions for signing Windows applications. ThereforeĀ I investigated a way for signing an application within VSTS using Continuous Integration.

Read More…

Posted in DevOps at October 24th, 2017. No Comments.