[英]Getting a "No certificates were found" error in an Azure release pipeline
I'm working on migrating a TFS build/release to Azure DevOps Services (ADS) for a WPF app.我正在为 WPF 应用程序将 TFS 构建/发布迁移到 Azure DevOps 服务 (ADS)。 The build works fine, but I'm having problems with the release.
构建工作正常,但我在发布时遇到问题。 This is the first ADS release I've ever worked on.
这是我参与过的第一个 ADS 版本。
The original TFS build/release was done by a colleague who's since moved on.最初的 TFS 构建/发布是由一位同事完成的,此人已离职。 He used a PowerShell script to sign the ClickOnce manifest in the TFS release.
他使用 PowerShell 脚本对 TFS 版本中的 ClickOnce 清单进行签名。
I'm getting an error I searched here here on Stack Overflow, Signtool error: No certificates were found that met all given criteria with a Windows Store App?我在 Stack Overflow 此处搜索时遇到错误, Signtool 错误:找不到符合 Windows Store 应用程序所有给定条件的证书?
Looking through the answers to the posted, one of the answers is to clear the checkbox for the project's properties, "Sign the ClickOnce manifests".查看已发布的答案,答案之一是清除项目属性的复选框,“签署 ClickOnce 清单”。 I've looked and discovered that checkbox isn't checked.
我已经查看并发现未选中复选框。 I don't believe this is the cause of the error.
我不认为这是错误的原因。 And the PowerShell script my colleague wrote signed the manifest anyway.
无论如何,我同事写的 PowerShell 脚本签署了清单。 We need all manifests signed.
我们需要签署所有清单。
My colleague got a certificate from a signing authority.我的同事从签名机构获得了证书。 It is valid until sometime in 2022, so it hasn't expired.
它的有效期到 2022 年的某个时候,所以它还没有过期。
I took the certificate off the server it was on and put it into this project's Pipeline |我从它所在的服务器上取下了证书并将其放入该项目的 Pipeline | Library |
图书馆 | Secure Files location in ADS.
ADS 中的安全文件位置。 I'm using the Code Signing marketplace extension to sign the manifest.
我正在使用代码签名市场扩展来签署清单。 Here's the task in the ADS release pipeline:
这是 ADS 发布管道中的任务:
steps:
- task: stefankert.codesigning.codesigning-task.codesigning@2
displayName: 'Code Signing '
inputs:
secureFileId: 'DER Encoded Binary.cer'
signCertPassword: '$(signingCert.securePassword)'
files: '**/*.manifest'
timeServer: 'http://timestamp.comodoca.com'
description: 'ACDC ClickOnce'
I created a variable group in the Pipeline Library.我在管道库中创建了一个变量组。 The signingCert.securePassword is the name of one of the variable that has the password for the certificate.
signingCert.securePassword 是具有证书密码的变量之一的名称。
The error suggests to me that the pipeline can't find the file "DER Encoded Binary.cer" in the library |该错误提示我管道在库中找不到文件“DER Encoded Binary.cer” | Secure Files.
安全文件。 What am I doing wrong?
我究竟做错了什么?
Addendum:附录:
Looking at the log of the task closer, I see that it's finding the manifest file.仔细查看任务日志,我发现它正在查找清单文件。 Here's the line where it's using the signtool.exe:
这是使用 signtool.exe 的行:
[command]D:\a_tasks\codesigning_0e0f3bf7-d96c-45d6-aa76-f9afb71fb77e\2.2.0\signtool.exe sign /fd SHA256 /t http://timestamp.comodoca.com /f "D:\a_temp\DER Encoded Binary.cer" /p *** /d "ACDC ClickOnce" D:\a\r1\a_ACDC\drop\ACDC\bin\Release\ACDC.exe.manifest
[命令]D:\a_tasks\codesigning_0e0f3bf7-d96c-45d6-aa76-f9afb71fb77e\2.2.0\signtool.exe sign /fd SHA256 /t http://timestamp.comodoca.com /f "D:\a_temp\DER 编码Binary.cer" /p *** /d "ACDC ClickOnce" D:\a\r1\a_ACDC\drop\ACDC\bin\Release\ACDC.exe.manifest
I think the "secureFileId" refers to the GUID of the secure file.我认为“secureFileId”是指安全文件的 GUID。 If you click on the secure file, it will navigate you to a url to alter and view the settings of the secure file.
如果您单击安全文件,它将导航到 url 以更改和查看安全文件的设置。 In the URL, you'll notice the GUID.
在 URL 中,您会注意到 GUID。 Something like: http://MyServer:8080/tfs/YourProjectCollection/YourProject/_library?itemType=SecureFiles&view=SecureFileView&secureFileId= abcd1234-12ab-01a1-ab12-9d1c827a4 &path=YourSecureFile.pfx
类似于:http://MyServer:8080/tfs/YourProjectCollection/YourProject/_library?itemType=SecureFiles&view=SecureFileView&secureFileId= abcd1234-12ab-01a1-ab12-9d1c827a4 &path=YourSecureFile.pfx
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.