Reply to post:

Fears Windows code-signing changes will screw up QA process

LDS Silver badge

While I understand the issue, most of our testing artifacts are signed with an internal certificate. The reason is we want to avoid testing executables look too much like production ones. Using certificates which are valid only on the tests systems is one way to spot them easily. It also means less people need access to the production keys.

Of course the final round of testing needs to ensure everything is ok in the full production configuration, and usually the accounts used for the automated builds can't get past the company fw/proxies, and run with as few privileges as possible. There may be also the issues of using more than one build machine, with a single device we'll have to build a separate signing server.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019