2

I want to build and code-sign a WPF application and deploy it using ClickOnce using Jenkins.

My setup is:

  • Jenkins (newest version, running Admin)
  • certificate on a USB token, activated single logon in SafeNet Client since the USB token shows a pop-up to enter the token password
  • running signtool.exe sign /a /v "<path>\Shared.dll" in the admin console works well
  • running the same command as an AfterCompile/AfterPublish build command results in the following error: SignTool error : No certificates were found that met all the given criteria.

Found a few related issues here and here, but no solutions yet.

How can I make sure the Jenkins service finds the USB token when running the signtool command?

Community
  • 1
  • 1
casaout
  • 1,819
  • 3
  • 24
  • 54

1 Answers1

2

If you are running jenkins as a windows service you need to change properties of Jenkins from services. Jenkins Service

Right-click and select properties. On the "Log On" tab, select "this account" and enter your credentials.

Log On Screen

Do not forget to check "enable single sign on" from the SafeNet Authentication Client as described here

To sign with USB token;

"signtool.exe" sign /a /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "your_file"

It worked for me. I hope it helps you, too.

Yusuf K.
  • 4,195
  • 1
  • 33
  • 69