getting code signing certificate on own Yubikey and then using it to sign windows binaries in unattended way, on KVM VM
starting from June 2023 code signing certificates for MS Windows cannot be delivered as a file anymore. files are easy to steal. now certs must reside on security modules which don’t allow private key extraction, at least not for mere mortals. we’re using such a cert to sign exe and msi files on a build ... Read More