SigningServer
SigningServer copied to clipboard
Danielku15
A simple server for code-signing binaries for internal infrastructure usage.
Bumps [Azure.Identity](https://github.com/Azure/azure-sdk-for-net) from 1.10.3 to 1.11.0. Release notes Sourced from Azure.Identity's releases. Azure.Identity_1.11.0 1.11.0 (2024-04-09) Bugs Fixed AzurePowerShellCredential now handles the case where it falls back to legacy PowerShell without...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [NuGet.Packaging](https://github.com/NuGet/NuGet.Client) from 6.7.0 to 6.8.1. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
### Description The parallelism option should be available per-certificate instead only on global level. Software level certificates are only limited by the CPU resources while for HSM we might want...
### Description Currently we perform a separate signing operation for each file to validate that the certificate is operational (as workaround for faulty certificate objects). It would be better to...
### Description Instead using a username-password based auth, there should also be the option for an OIDC based auth which validates JWT bearer tokens. In alignment with https://github.com/Danielku15/SigningServer/issues/47 there needs...
### Description Currently there is a basic user authentication with username/password and each user has a single certificate. This should be changed that we have N certificates (with given names)...
### Description * pack and publish a container image (ghcr should be OK, no docker hub) * Enable environment variable configuration * Ensure we ship an empty runnable config in...
### Description Idea: * Use Hashicorp Vault for signing operations (authenticating against Vault then do signing with a cert) * Develop a Hashicorp Vault extension/module/plugin that can offer code signing...
Metadata
Owner
Metadata
A simple server for code-signing binaries for internal infrastructure usage.