The following plugin provides functionality available through Pipeline-compatible steps. Read more about how to integrate steps into your Pipeline in the Steps section of the Pipeline Syntax page.
For a list of other such plugins, see the Pipeline Steps Reference page.
venafiCodeSignWithJarSigner
: Venafi CodeSign Protect: sign with jarsignertppName
String
certLabel
String
extraArgs
(optional)
This plugin invokes Jarsigner under the hood. Here you can specify extra custom CLI arguments to pass to Jarsigner.
These arguments will be appended to the Jarsigner CLI invocation, and take precedence over any arguments implicitly passed by this plugin.
argument
String
file
(optional)
The path to the file to be signed.
Either a path or a glob must be given.
String
glob
(optional)
A glob that specifies the files to be signed.
Either a path or a glob must be given.
String
timestampingServers
(optional)
Specifies one or more timestamping authority servers to use during signing. Specifying this is strongly recommended, because it allows signed files to be usable even after the original signing certificate has expired.
If you specify more than one server, then a random one will be used.
Tip: here are some public timestamping authorities that you can use:
address
String
venafiClientToolsDir
(optional)
Specify the path to the directory in which Venafi CodeSign Protect client tools are installed. If not specified, it's autodetected as follows:
String
venafiVerifyWithJarSigner
: Venafi CodeSign Protect: verify with jarsignertppName
String
certLabel
String
file
(optional)
The path to the file to be verified.
Either a path or a glob must be given.
String
glob
(optional)
A glob that specifies the files to be verified.
Either a path or a glob must be given.
String
venafiClientToolsDir
(optional)
Specify the path to the directory in which Venafi CodeSign Protect client tools are installed. If not specified, it's autodetected as follows:
String
venafiCodeSignWithSignTool
: Venafi CodeSign Protect: sign with signtooltppName
String
fileOrGlob
A path or a glob that specifies the file(s) to be signed.
String
appendSignatures
(optional)
boolean
extraArgs
(optional)
This plugin invokes Signtool under the hood. Here you can specify extra custom CLI arguments to pass to Signtool.
These arguments will be appended to the Signtool CLI invocation. If they overlap with any arguments implicitly passed by this plugin, then Signtool will raise an error.
argument
String
sha1
(optional)
The SHA-1 hash of the certificate (inside the TPP) to use for code signing.
Normally you should use 'Signing certificate subject name' instead, but if that name is ambiguous, then use the SHA-1 hash to select a specific signing certificate.
Either a subject name or SHA-1 hash of the signing certificate must be given.
String
signToolPath
(optional)
String
signatureDigestAlgos
(optional)
The digest algorithm(s) to use to creating signatures.
If none specified, 'sha256' is used as the default algorithm. This is very secure, but may not be compatible with older Windows versions. If you need compatibility with older Windows versions, you should specify 'sha1' and 'sha256' (in that order).
When multiple digest algorithms are specified, they are applied in the order specified.
algorithm
String
subjectName
(optional)
The Common Name ("Issued to" or "CN") of the certificate (inside the TPP) to use for code signing.
You can obtain a list of Common Names with 'cspconfig listcertificates' and checking what comes after 'CN='.
Either a subject name or SHA-1 hash of the signing certificate must be given.
String
timestampingServers
(optional)
Specifies one or more timestamping authority servers to use during signing. Specifying this is strongly recommended, because it allows signed files to be usable even after the original signing certificate has expired.
If you specify more than one server, then a random one will be used.
Tip: here are some public timestamping authorities that you can use:
address
String
useMachineConfiguration
(optional)
boolean
venafiClientToolsDir
(optional)
C:\Program Files\Venafi CodeSign Protect
.String
venafiVerifyWithSignTool
: Venafi CodeSign Protect: verify with signtooltppName
String
fileOrGlob
A path or a glob that specifies the file(s) to be verified.
String
signToolPath
(optional)
String
useMachineConfiguration
(optional)
boolean
venafiClientToolsDir
(optional)
C:\Program Files\Venafi CodeSign Protect
.String
Please submit your feedback about this page through this quick form.
Alternatively, if you don't wish to complete the quick form, you can simply indicate if you found this page helpful?
See existing feedback here.