How do I sign a vsix with azure Trusted Signing Service?

David Watson 20 Reputation points
2024-07-25T16:58:08.3666667+00:00

I have moved to Azure Trusted Signing and need to sign a visx file. VsixSignTool only supports PFX files.
https://github.com/vcsjones/OpenOpcSignTool

Seems to support azure key vaults.

Nothing seems to support Azure Trusted Signing.

Visual Studio
Visual Studio
A family of Microsoft suites of integrated development tools for building applications for Windows, the web and mobile devices.
5,197 questions
Azure Trusted Signing
Azure Trusted Signing
Trusted Signing is a Microsoft fully managed, end-to-end signing solution that simplifies the certificate signing process and helps partner developers more easily build and distribute applications.
110 questions
0 comments No comments
{count} votes

Accepted answer
  1. Marilee Turscak-MSFT 36,866 Reputation points Microsoft Employee
    2024-07-29T22:02:11.91+00:00

    Hi @David Watson ,

    Just to add to Tianyu's answer:

    We only support file types supported by SignTool: https://learn.microsoft.com/en-us/azure/trusted-signing/faq#what-types-of-files-can-be-signed-with-trusted-signing

    That said, the dotnet/Sign project now has a pre-release version with Trusted Signing integration to expand our support to include VSIX, NuGet, and ClickOnce here: NuGet Gallery | sign 0.9.1-beta.24325.5. Once this is more stable, we will publish information more information on how to use it with Trusted Signing. 

    Support for Azure Trusted Signing · Issue #683 · dotnet/sign (github.com)

    Hope this helps!

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Tianyu Sun-MSFT 31,246 Reputation points Microsoft Vendor
    2024-07-26T07:10:07.46+00:00

    Hello @David Watson,

    Thank you for taking time to post this issue in Microsoft Q&A forum.

    I have checked but didn’t find the proper tools too.

    Either this document: Signing VSIX Packages or this document: Set up signing integrations to use Trusted Signing doesn’t seem to provide any confirmation for whether it’s possible to sign a vsix with Azure Trusted Signing Service. But looks like, it’s not supported currently.

    I would recommend also double confirming this here: GitHub-dotnet-sign.

    BTW, added Azure tag for better(maybe some confirmations from Azure side) help.

    Best Regards,

    Tianyu


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.