In Visual Studio's Project Properties -> Signing tab, I have signed my project with a code-signing certificate. On my team, however, I'm the only one with the code-signing certificate, even though we're in a multiple-developer environment. When the other developers try to "Start Debugging", they get the following message:
在Visual Studio的项目属性 - >签名选项卡中,我使用代码签名证书对我的项目进行了签名。但是,在我的团队中,即使我们处于多开发人员环境中,我也是唯一拥有代码签名证书的人。当其他开发人员尝试“开始调试”时,他们会收到以下消息:
"cannot find the certificate that matches the project system thumbprint"
“找不到与项目系统指纹匹配的证书”
Anyone have any suggestions for allowing them to debug their project, but only allow me to publish?
任何人都有任何建议允许他们调试他们的项目,但只允许我发布?
2 个解决方案
#1
One thing that might work is adding a post-build event to call a script that does your signing. You could use something like signtool.exe to sign the files when you publish them.
可能有用的一件事是添加一个post-build事件来调用执行签名的脚本。您可以使用signtool.exe之类的东西在发布文件时对其进行签名。
You could make multiple versions of a script file, for instance: Debug_sign.bat, Release_sign.bat
您可以创建脚本文件的多个版本,例如:Debug_sign.bat,Release_sign.bat
Then in your Post-build event command line:
call "$(ProjectDir)$(ConfigurationName)_sign.bat"
would call the correct script depending on your target.
Only the release script would actually sign the output files. The debug script file could just do nothing..
I've used signtool to sign an assembly with a .pfx like this:
signtool.exe sign /f "codesign_cert.pfx" /p "cert_password" /d "App description" /du "http://mywebsite" myApp.exe
然后在Post-build事件命令行中:调用“$(ProjectDir)$(ConfigurationName)_sign.bat”将根据您的目标调用正确的脚本。只有发布脚本才会实际签署输出文件。调试脚本文件可能什么都不做..我使用signtool来签署一个带有.pfx的程序集,如下所示:signtool.exe sign / f“codesign_cert.pfx”/ p“cert_password”/ d“App description”/ du “http:// mywebsite”myApp.exe
#1
One thing that might work is adding a post-build event to call a script that does your signing. You could use something like signtool.exe to sign the files when you publish them.
可能有用的一件事是添加一个post-build事件来调用执行签名的脚本。您可以使用signtool.exe之类的东西在发布文件时对其进行签名。
You could make multiple versions of a script file, for instance: Debug_sign.bat, Release_sign.bat
您可以创建脚本文件的多个版本,例如:Debug_sign.bat,Release_sign.bat
Then in your Post-build event command line:
call "$(ProjectDir)$(ConfigurationName)_sign.bat"
would call the correct script depending on your target.
Only the release script would actually sign the output files. The debug script file could just do nothing..
I've used signtool to sign an assembly with a .pfx like this:
signtool.exe sign /f "codesign_cert.pfx" /p "cert_password" /d "App description" /du "http://mywebsite" myApp.exe
然后在Post-build事件命令行中:调用“$(ProjectDir)$(ConfigurationName)_sign.bat”将根据您的目标调用正确的脚本。只有发布脚本才会实际签署输出文件。调试脚本文件可能什么都不做..我使用signtool来签署一个带有.pfx的程序集,如下所示:signtool.exe sign / f“codesign_cert.pfx”/ p“cert_password”/ d“App description”/ du “http:// mywebsite”myApp.exe
#2
Would delayed signing do the trick for you?
延迟签名会为你做点什么吗?