projects / platform / upstream / dotnet / runtime.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 33a3ba9)
Use MicrosoftDotNet500 cert for executable files (#52336)
authorMatt Mitchell <mmitche@microsoft.com>
Thu, 6 May 2021 14:40:35 +0000 (07:40 -0700)
committerGitHub <noreply@github.com>
Thu, 6 May 2021 14:40:35 +0000 (07:40 -0700)
Use this for .msi files, and update the incoming arcade provided defaults with MicrosoftDotNet500.
Do not use the UseDotNetCertificate property as this repo does not use Publish.proj

eng/Signing.props patch | blob | history

diff --git a/eng/Signing.props b/eng/Signing.props
index a0fb822..b546fd4 100644 (file)
--- a/eng/Signing.props
+++ b/eng/Signing.props
@@ -35,10 +35,18 @@
     <DownloadedSymbolPackagesWithoutPaths Include="@(DownloadedSymbolPackages->'%(Filename)%(Extension)')" />
     <FileSignInfo Include="@(DownloadedSymbolPackagesWithoutPaths->Distinct())" CertificateName="None" />
 
-    <FileExtensionSignInfo Include=".msi" CertificateName="Microsoft400" />
+    <FileExtensionSignInfo Include=".msi" CertificateName="MicrosoftDotNet500" />
     <FileExtensionSignInfo Include=".pkg" CertificateName="8003" />
     <FileExtensionSignInfo Include=".deb;.rpm" CertificateName="LinuxSign" />
   </ItemGroup>
+
+  <!-- Update existing defaults from arcade that were using Microsoft400 to use the .NET-specific cert -->
+  <ItemGroup>
+    <FileExtensionSignInfo Update="@(FileExtensionSignInfo->WithMetadataValue('CertificateName','Microsoft400'))" CertificateName="MicrosoftDotNet500" />
+    <StrongNameSignInfo Update="@(StrongNameSignInfo->WithMetadataValue('CertificateName','Microsoft400'))" CertificateName="MicrosoftDotNet500" />
+    <FileSignInfo Update="@(FileSignInfo->WithMetadataValue('CertificateName','Microsoft400'))" CertificateName="MicrosoftDotNet500" />
+  </ItemGroup>
+
   <ItemGroup Condition="'$(PrepareArtifacts)' == 'true' and '$(PostBuildSign)' == 'true'">
     <ItemsToSignWithPaths Include="$(DownloadDirectory)**\*.msi" />
     <ItemsToSignWithPaths Include="$(DownloadDirectory)**\*.exe" />
Domain: Dotnet / Core;