Ways to perform EV code singing od Win Desktop app in cloud
We use EV code signing for our Windows Desktop app, so that SmartScreen treats it as trusted. That's all good, except the signature process requires hardware token to be plugged-in in the system where signing process happens. Now we would like to move building process to cloud and... that's the question: how is it supposed we could plug token to AWS?? Maybe there are another solutions for this issue? I can't believe that huge developers do all builds manually in order to have them signed.
See also questions close to this topic
Error in file(description = xlsxFile) : invalid 'description' argument
This is my first time to use R on a cloud server. I've downloaded the data to my online working directory. These are some details about my working directory:
getwd()  "/home/fategh" list.files()  "nearline" "projects" "R" "rawdata.xlsx.gz"  "scratch"
Now, when I try to read the data, I get the following error:
data=read.xlsx((gzfile("rawdata.xlsx.gz"))) Error in file(description = xlsxFile) : invalid 'description' argument data=read.xlsx((gzfile("home/fategh/rawdata.xlsx.gz"))) Error in file(description = xlsxFile) : invalid 'description' argument
I tried whatever path I could think of:
> data=read.xlsx((gzfile(file.choose()))) Enter file name: rawdata Error in file(description = xlsxFile) : invalid 'description' argument > data=read.xlsx((gzfile(file.choose()))) Enter file name: rawdata.xlsx Error in file(description = xlsxFile) : invalid 'description' argument > data=read.xlsx((gzfile(file.choose()))) Enter file name: rawdata.xlsx.gz Error in file(description = xlsxFile) : invalid 'description' argument
I don't know what to do about it. It's my first time working on a cloud shell.
Pyspark trying connect to spark master, but connection refused
I have a 3 node docker swarm cluster in cloud, and there are spark master and spark worker services, the spark worker connect to master with success, in spark master UI, is showed the spark worker connection::
But there is a service running a python script, with pyspark, the pyspark try connect to spark master, but is showed connection refused error, in logs below:
I used nestat to show the listening ports in cluster, and the port to connection of spark master (7077) is listening:
I am searching the problem in web for days without response, may help me? thanks.
Only small images are being pulled from Amazon ECR in EC2 instance from within CloudFormation Template. Large images fail to get pulled
From within the Cloud Formation Template, I am able to pull a small Alpine Image present in ECR. But in the same ECR (different Repo), I have an image which is 29GB in size. This image is not getting pulled.
There is no sign of why the image is not being pulled.
When I manually SSH into the EC2 instance and then do docker pull, it gets pulled successfully without any issues.
My only suspicion is the size and I think all the commands in the "UserData" section of the template will be performed within a time limit.
Am I doing something wrong ?
Are there any other log files that I should be checking in tracking where the error is ?
PS : The 29GB image complies with the layer-size-limit of ECR which is 10GB.
How do you view the public signing certificate fingerprint of an APK installed in a Work profile?
I'm testing an Android APK distribution process that I have little control over. Namely there is MDM software involved which pushes an app to my test phone on my behalf, to the Work profile.
I need to see the public signing certificate fingerprint of an APK already in the Work profile on a phone.
Using the instructions here, it is trivial to do this if you have a copy of the APK and can guarantee its the same one being served to the phone --I can't, because it's part of what's under test.
There are methods to do this by downloading APKs from the phone, but I can't see how this is done if the APK is installed in the Work profile. Likewise, I can't see where the work profile apps live on the Android file system; work profile apps do not seem to be installed to
/data/datalike the personal profile apps.
Cryptographically Guarantee Integrity of Python Code
I'm developing a system for loading plugins dynamically in Python. This system will allow plugin files to be distributed via the internet and as such, I want to create a system for verifying the authenticity of the content provided. To facilitate this, I want to use x509 certificates.
My system will package up Python files and include the code content, a manifest for relevant meta information, and an x509 certificate containing an MD5 and SHA1 hash of the code content as URI additions to the Subject Alternative Name extension which has been signed by an internal CA cert. My verification process is as follows:
Include a copy of the CA public key with the plugin loader at build time.
Plugin creators must submit their code content for signing to my internal CA Authority to be signed.
Unpack the code content and generate the MD5 and SHA1 hash of the unpacked content
Verify the authenticity of the cert chain included with the plugin against the internal public cert from (1)
Read the Subject Alternative Name of the authenticated cert and compare it against the generated MD5 and SHA1 hash.
If the cert is successfully authenticated and the MD5 and SHA1 hashes match, respectively, then the code content will be loaded and executed.
Fail to load the code content otherwise.
My Goal: Create a cryptographically secure process to verify code content.
I already have a working algorithm that models this process, but I'm unsure about how secure it is. My knowledge tells me that I can establish a chain of trust based on the fact that the plugin certificate is trusted by my own internal CA cert, and thus since the cert is considered trustworthy, it's content can be used for authentication. This leads me to believe that this process is secure, but some additional scrutiny is always useful.
"The file libswiftCore.dylib doesn't have the correct code signature"
This is an app I have previously uploaded builds for to the App Store with no issue.
I have not modified anything in the build settings.
I followed the steps in this Apple documentation under the "Embedded .dylib Files" section and the terminal output showed that all the dylib files in the .app package have file names that begin with 'libswift'
I am using Xcode 11.4
Any other suggestions? Just restart Xcode and restart my computer and try again?
I first received the email "Version has completed processing. You can now use this build for TestFlight or submit to the App Store"
Then when I submitted for review to the TestFlight team, I received the email "ITMS-90433: Invalid Swift Support - The file libswiftCore.dylib doesn’t have the correct code signature. Make sure you’re using the correct signature, rebuild your app using the current public (GM) version of Xcode, and resubmit it. Don’t just modify the code signature of libswiftCore.dylib."
Thanks for any help!
How can I set the download flag for smartscreen defender explicitly
I'm currently testing my code signing and smart screen behavior of my windows application.
Therefore it would be nice, to set the download-flag explicitly, so that the smart screen scan is triggered. Of course, I can upload my app to the web and download it again, so that this flag is set. But there must be a way to set it explicitly, as chrome or other tools are doing it anyways.
The download-flag I'm referring to is shown in the windows file properties dialog at the bottom as "this file came from another computer and might be blocked".
What is the correct keyword to google here?
SmartScreen and EV Code Signing Certificate
I'm about to deploy an installation package of my software online as EXE installer file that users will be able to download from the website of my company, and then run and install. The installer and the applicatoin itself is C# .NET. The application is intented to be used on MS Windows 10.
I'm experiencing a problem with the "Windows protected your PC" in my tests. This screen is shown on user's Windows 10 when they download my setup.exe from the company website. The screen tells that the Publisher is unknown. So the user would need to "Unblock" the file first to run it without this blue screen.
How should I gently solve it so that we are sure the screen does not appear on Windows 10 of our users?
Should we buy EV code signing certificate from a Trusted Vendor (we are considering SECTIGO (COMODO)) and sign the setup.exe with it? Will it make the screen not appear then ?
Is there anything else we should do?
I have read that it might take some days and a couple of downloads to get rid of the SmartScreen. What are your experiences in terms of how long (and how many downloads of the software) it actually might take? Does anyone have any experience with SECTIGO EV code signing in terms of this?
Many help for any suggestions.
Does Windows SmartScreen stop AutoHotKey scripts from running?
I have written a simple script to open task manager, without me having to click yes on the Windows Smartscreen prompt. It gets as far as the prompt to open task manager, but AHK does not click on yes. It is as though the script freezes. The reason I have not disabled Smartscreen altogether is because I would like it to warn me with other programs.
My code so far:
#SingleInstance, Force >+Insert:: CoordMode, Mouse, Screen Run TaskMgr Sleep, 2000 Click, 811, 648 return
Preferably I would also like a better method than just waiting 2 seconds for Smartscreen to load, is there a method to detect when it is ready to click on yes?
Thanks in advance