Using Microsoft signtool.exe I can install the certificate inside my PC and then use the certificate to sign the file without providing the password. Is there a flag to do the same using PackageManagerCLI.exe?
This would be a very welcome feature as otherwise I would be forced to leave the certificate password inside a batch file which does not seem to me to be acceptable from the security point of view.
Indeed, I'm also seeking a solution for this issue. The main challenge we face is the requirement to use EV (Extended Validation) Certificates. Due to security considerations, it's not possible—nor is it ever recommended in such cases—to export the certificate with its private key.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Using Microsoft signtool.exe I can install the certificate inside my PC and then use the certificate to sign the file without providing the password. Is there a flag to do the same using PackageManagerCLI.exe?
This would be a very welcome feature as otherwise I would be forced to leave the certificate password inside a batch file which does not seem to me to be acceptable from the security point of view.
Thanks in advance for your suggestions
Mauro
Indeed, I'm also seeking a solution for this issue. The main challenge we face is the requirement to use EV (Extended Validation) Certificates. Due to security considerations, it's not possible—nor is it ever recommended in such cases—to export the certificate with its private key.