Project

General

Profile

Feature #1591

use hardware token

Added by Harjo Kompagnie 28 days ago. Updated 27 days ago.

Status:
Resolved
Priority:
Normal
Assignee:
Patrick Talbot
Start date:
04/02/2024
Due date:
% Done:

0%

Estimated time:
Browser (if web client):

Description

Hi Patrick,

is it possible the we can use the tool with a hardware token?
You can't get a signing certificate anymore and put into a jks file:

As of June 1, 2023, all Code Signing Certificates must comply with the new CA/B Forum regulations to ensure that the subscriber’s private key is generated, stored, and used in a suitable FIPS-compliant hardware. ​
Do you have expireince with that?

History

#1

Updated by Patrick Talbot 28 days ago

Yes, I do have experience with that, I'll try to compile a version compatible with that.

#2

Updated by Patrick Talbot 27 days ago

  • Tracker changed from Defect to Feature
  • Status changed from New to Resolved

See v1.4 that I just released.

You will need to create a token config.cfg file (see the content of the zip for an example of the content), refer to the internet on which dll or dylib this should point to, depending on your OS.

You will see a new dialog in the tool to set the path to that file + the alias of your certificate in the token + the token password. You need to fill these information before running the signing itself.

#3

Updated by Patrick Talbot 27 days ago

Actually, better use v1.4.1 that I just released, which will make it easier to find the alias of the token certificate to use...

Also available in: Atom PDF