Code Signing
pearcec opened this issue · 2 comments
pearcec commented
Setup code signing.
- Do I need to sign both the .psd1 and .psm1? Assuming yes
- Need use a timestamp service perhaps https://www.freetsa.org/? But open to recommendations maybe http://timestamp.digicert.com?
- Would like to use Let's Encrypt
- All of this is performed via GitHub
- Can my keys be throwaway if the signatures is validated via Let's Encrypt and setup with a timestamp server?
pearcec commented
Looks like LE doesn't support code signing (makes sense). I found this https://sigstore.dev/
stale commented
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.