We have been using this task for quite a while now and it works like a charm. Recently we switched from a regular code signing cert to an EV code signing cert, stored on a USB token. In order to access the certificate, a token password has to be entered each time a file is going to be signed. Using the "single logon" option of the SafeNet client, entering the password can be reduced to one time per session. However, this solution is still far from perfect. After some research I found this: Automate Extended Validation (EV) code signing
Using this approach it is possible to pass the token password to the SafeNet eToken as a parameter of SignTool.exe. This allows us to fully automate the signing process. In order to make this work, the cryptographic service provider (/csp) and the key container (/k) have to be specified as parameters for SignTool.exe.
For now we are using a private installation of a modified version of this task. I would really appreciate if you could add these two optional parameters so we can use the official release of your task again. Even if somebody is not using the mentioned approach, the added flexibility could be useful. I'll gladly provide a PR if you think, this feature would be helpful.
We have been using this task for quite a while now and it works like a charm. Recently we switched from a regular code signing cert to an EV code signing cert, stored on a USB token. In order to access the certificate, a token password has to be entered each time a file is going to be signed. Using the "single logon" option of the SafeNet client, entering the password can be reduced to one time per session. However, this solution is still far from perfect. After some research I found this: Automate Extended Validation (EV) code signing
Using this approach it is possible to pass the token password to the SafeNet eToken as a parameter of
SignTool.exe. This allows us to fully automate the signing process. In order to make this work, the cryptographic service provider (/csp) and the key container (/k) have to be specified as parameters forSignTool.exe.For now we are using a private installation of a modified version of this task. I would really appreciate if you could add these two optional parameters so we can use the official release of your task again. Even if somebody is not using the mentioned approach, the added flexibility could be useful. I'll gladly provide a PR if you think, this feature would be helpful.