/docker-osslsigncode

Docker image for signing Windows binaries with Microsoft Authenticode using osslsigncode

Primary LanguageDockerfileApache License 2.0Apache-2.0

vegardit/docker-osslsigncode

Build Status License Docker Pulls Docker Stars Contributor Covenant

  1. What is it?
  2. Docker image tagging scheme
  3. Usage
  4. License

What is it?

Docker image for signing Windows binaries with Microsoft Authenticode using osslsigncode.

It is automatically built daily to include the latest OS security fixes.

Docker image tagging scheme

Tag Description OS
:latest
:latest-alpine		 build of the latest available release Alpine Latest
:latest-debian build of the latest available release Debian Stable
:develop
:develop-alpine		 build of the development branch Alpine Latest
:develop-debian build of the development branch Debian Stable
:2.x
:2.x-alpine		 build of the latest minor version of the respective
major release, e.g. 2.x may contain release 2.1		 Alpine Latest
:2.x-debian build of the latest minor version of the respective
major release, e.g. 2.x may contain release 2.1		 Debian Stable

See all tags at https://hub.docker.com/r/vegardit/osslsigncode/tags

Usage

The docker image is configured to use /work as work directory.

You can mount the folder with the executables to sign into the /work directory and then use relative paths for --in and --out parameters of osslsigncode.

For example:

docker run --rm -v $PWD:/work vegardit/osslsigncode sign \
  -certs mycert.crt -key mykey.der \
  -n 'My Application' -i https://www.mywebsite.com/ \
  -in myapp.exe -out myapp-signed.exe

License

All files in this repository are released under the Apache License 2.0.

Individual files contain the following tag instead of the full license text:

SPDX-License-Identifier: Apache-2.0

This enables machine processing of license information based on the SPDX License Identifiers that are available here: https://spdx.org/licenses/.