![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 65%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAI%3C/text%3E%3C/svg%3E)
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,193 questions
@Actualpacs Improve your diagnoses
I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this!
- Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others", I'll repost your solution in case you'd like to accept the answer.
Issue:
Difficulty using EV-HSM certificate for code signing on CentOS across multiple VPS
We recently acquired an EV-HSM certificate from GlobalSign and successfully integrated it into our Azure Key Vault. Our current challenge lies in the automated use of this certificate for code signing executables (exe) on CentOS. Our aim is to seamlessly incorporate it across multiple VPS instances to sign dynamically generated executables for specific users, featuring a medical image viewer and associated medical images. We are actively seeking guidance or support, specifically looking for a reference or guide that facilitates an automated solution. Your insights or recommendations for achieving an automated executable signing process would be greatly appreciated. Thank you for your time and support. tl;dr: Struggling with the automated use of EV-HSM certificate for code signing on CentOS across multiple VPS instances. Executables generated dynamically.
Solution:
After setting up everything as per the specifications outlined in this stackoverflow answer and using this tool https://github.com/ebourg/jsign, we have successfully implemented the signing of our executables.
The 'signtool' tool proved to be ineffective for our purposes as we operate on CentOS 7, and there is no longer support for mingw, as indicated in this bug report: https://bugzilla.redhat.com/show_bug.cgi?id=1807975."
If I missed anything please let me know and I'd be happy to add it to my answer, or feel free to comment below with any additional information.
I hope this helps!
If you have any other questions, please let me know. Thank you again for your time and patience throughout this issue.
