Adding an embedded signature on setup-x86_64.exe
Brian Inglis
Brian.Inglis@SystematicSw.ab.ca
Sun Nov 20 07:26:39 GMT 2022
On Fri Nov 18 21:15:04 GMT 2022, Dale McCoy wrote:
> I use Cygwin in the course of work, and while I can use the external gpg
> signature to verify the validity of setup-x86_64.exe, my IT department
> can't see that step. They get somewhat concerned when they see that Windows
> thinks setup-x86_64.exe is unsigned, and I certainly don't blame them.
> Can I convince you to also embed a signature in the installer, so Windows
> recognizes the file is signed?
> I couldn't find a previous request on the mailing list for this, but I may
> have missed it in my attempts to grep the monthly digests.
See thread "Should cygwin's setup*.exe be signed using Sign Tool?":
https://cygwin.com/pipermail/cygwin/2015-April/220978.html
https://inbox.sourceware.org/cygwin/E1Ydjc5-0000kv-WD@rmm6prod02.runbox.com/
In case we ever need it, one of our setup maintainers packaged osslsigncode:
https://cygwin.com/packages/summary/osslsigncode-src.html
--
Take care. Thanks, Brian Inglis Calgary, Alberta, Canada
La perfection est atteinte Perfection is achieved
non pas lorsqu'il n'y a plus rien à ajouter not when there is no more to add
mais lorsqu'il n'y a plus rien à retirer but when there is no more to cut
-- Antoine de Saint-Exupéry
More information about the Cygwin
mailing list