Automatisez la signature de code avec Jenkins, Azure Key Vault et AzureSignTool
17 oct. 2025
Automatisez la signature de code avec Jenkins, Azure Key Vault et AzureSignTool
|
APERÇU : cette page vous guide tout au long du processus de configuration d'un pipeline CI/CD avec Jenkins, afin d'automatiser la signature de code des exécutables Windows (.exe) à l’aide d’un certificat de signature de code GlobalSign stocké dans Azure Key Vault. À l'issue de cette procédure, vous serez en mesure de configurer Jenkins pour l'automatisation CI/CD, d'intégrer Azure Key Vault avec AzureSignTool et de signer et vérifier automatiquement vos exécutables Windows. Pour en savoir plus sur la gestion des certificats de signature de code ainsi que sur les questions fréquemment posées, cliquez ici. |
Prérequis
-
Jenkins est installé et accessible
-
Agent de compilation Windows avec AzureSignTool installé
-
Un principal de service avec accès à Key Vault
-
Référentiel GitHub contenant votre code et vos artefacts de compilation (par exemple, .exe, .dll)
Guidelines
Instructions
Étape 1 : Configurer le webhook GitHub
-
Accédez à votre référentiel GitHub.
-
Accédez à Paramètres> Webhooks.
-
Cliquez sur Ajouter un webhook.
-
Remplissez les champs obligatoires avec les informations requises.
|
IMPORTANT : l'adresse IP indiquée dans l'image provient du serveur Jenkins et peut être modifiée. Cette configuration déclenche une compilation Jenkins à chaque fois que le code est poussé vers le référentiel. |
Étape 2 : Installer AzureSignTool
-
Pour installer Azure Signtool, assurez-vous que la dernière version du SDK .NET est installée, puis ouvrez l'Administrateur PowerShell et utilisez la commande suivante :
dotnet tool install --global AzureSignTool
Étape 3 : attribuer l'accès à Azure Key Vault
-
Accédez à votre Azure Key Vault > Access Policies.
-
Cliquez sur + Ajouter une stratégie d'accès.
-
Définissez les autorisations suivantes sous Autorisations de certificat :
• Obtenir
• Lister
• Signer
• Vérifier -
Attribuez la stratégie à votre entité de service ou à l'enregistrement de votre application.
-
Cliquez sur Ajouter > Enregistrer.
Étape 4 : Configurer Jenkins
-
Installez les plugins requis :
• Plugin SDK .NET
• Plugin GitHub -
Configurer l'outil SDK .NET :
• Accédez à Manage Jenkins > Global Tool Configuration.
• Ajoutez une nouvelle installation .NET SDK et cochez « Installer automatiquement
Étape 5 : Créer le pipeline Jenkins
-
Dans Jenkins, allez dans Tableau de bord > Nouvel élément.
-
Entrez un nom (par exemple, CodeSigningPipeline), sélectionnez Pipeline, puis cliquez sur OK.
-
Sous Déclencheurs, sélectionnez Déclencheur GitHub pour l'interrogation GITScm.
Remarque : cela garantira que toute modification apportée au référentiel GitHub déclenchera la compilation dans la tâche Jenkins. -
Faites défiler jusqu'à la section Pipeline, puis sous Définition, sélectionnez Script de pipeline.
-
Collez le script de pipeline déclaratif ci-dessous :
pipeline {
agent any
environment {
DOTNET_ROOT = "${tool 'dotnet-sdk'}"
PATH = "${env.DOTNET_ROOT}/bin:${env.PATH}"
WIN_SERVER_IP = "IP_ADDR"
CREDS_ID = "CREDS_ID_VALUE"
}
triggers {
githubPush()
}
stages {
stage('Checkout') {
steps {
checkout([$class: 'GitSCM',
branches: [[name: '*/main']],
userRemoteConfigs: [[
url: 'https://github.com/PrashantGSIN/CodeSigningAutomation.git',
credentialsId: 'CodeSigningAutomation'
]]
])
}
}
stage('Restore') {
steps {
sh 'dotnet restore'
}
}
stage('Build') {
steps {
sh 'dotnet build -c Release'
}
}
stage('Publish') {
steps {
sh 'dotnet publish -c Release -r win-x64 --self-contained true /p:PublishSingleFile=true'
}
}
stage('Archive Executable') {
steps {
archiveArtifacts artifacts: '**/*.exe', fingerprint: true
}
}
stage('Transfer Executable to Windows Server') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh """
scp -o StrictHostKeyChecking=no \
/var/lib/jenkins/workspace/CodeSigningAutomated/bin/Release/net9.0/win-x64/publish/HelloWorldApp.exe \
administrator@${WIN_SERVER_IP}:"C:/Users/Administrator/Desktop/"
"""
}
}
}
stage('Create Signing Script on Windows Server') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Create a more robust signing script
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo # Code Signing Script > C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Setting up environment...' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo \\\$env:PATH += ';C:\\Users\\Administrator\\.dotnet\\tools' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Starting code signing...' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Using AzureSignTool...' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo AzuresignTool sign -kvu 'https://signingcode.vault.azure.net/' -kvc 'CodeSigningHSM' -kvi 'kvi_value' -kvs 'kvs_value' --azure-key-vault-tenant-id 'key_vault_tenant_id' -tr 'http://timestamp.globalsign.com/tsa/advanced' -td sha256 'C:\\Users\\Administrator\\Desktop\\HelloWorldApp.exe' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Signing process completed.' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Exit code:' \\\$LASTEXITCODE >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
'''
}
}
}
stage('Sign Executable on Windows Server') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Debug: Show the signing script content before execution
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Signing script content: && type C:\\Users\\Administrator\\Desktop\\sign.ps1"
# Debug: Check if AzureSignTool is available
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Checking AzureSignTool availability...'; try { \\\$env:PATH += ';C:\\\\Users\\\\Administrator\\\\.dotnet\\\\tools'; AzuresignTool --help | Select-Object -First 5; Write-Host 'AzureSignTool found ✓' } catch { Write-Host 'AzureSignTool not found ✗'; Write-Host 'Error:' \\\$_.Exception.Message }\\""
# Execute the signing script with verbose output
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -ExecutionPolicy Bypass -Command \\"Write-Host 'Starting code signing process...'; \\\$env:PATH += ';C:\\\\Users\\\\Administrator\\\\.dotnet\\\\tools'; Write-Host 'Updated PATH:' \\\$env:PATH; try { & 'C:\\\\Users\\\\Administrator\\\\Desktop\\\\sign.ps1' } catch { Write-Host 'Signing script execution failed:' \\\$_.Exception.Message }\\""
# Alternative: Run signing command directly for debugging
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -ExecutionPolicy Bypass -Command \\"Write-Host 'Attempting direct signing...'; \\\$env:PATH += ';C:\\\\Users\\\\Administrator\\\\.dotnet\\\\tools'; try { AzuresignTool sign -kvu 'https://signingcode.vault.azure.net/' -kvc 'CodeSigningHSM' -kvi '7f9e5afe-8d5a-475e-9447-49d3f02914d9' -kvs 'oir8Q~WJodlbcMvyktSbOMJQs2yiQbs4RXE3QcXq' --azure-key-vault-tenant-id 'caf959d5-9c81-416b-a133-ae88c20d857c' -tr 'http://timestamp.globalsign.com/tsa/advanced' -td sha256 'C:\\\\Users\\\\Administrator\\\\Desktop\\\\HelloWorldApp.exe' } catch { Write-Host 'Direct signing failed:' \\\$_.Exception.Message; Write-Host 'Exit code:' \\\$LASTEXITCODE }\\""
'''
}
}
}
stage('Verify Code Signature') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Get-AuthenticodeSignature 'C:\\Users\\Administrator\\Desktop\\HelloWorldApp.exe' | Format-List\\""
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Certificate Chain Verification:'; \\\$sig = Get-AuthenticodeSignature 'C:\\Users\\Administrator\\Desktop\\HelloWorldApp.exe'; if(\\\$sig.SignerCertificate) { Write-Host 'File is SIGNED'; Write-Host 'Signer:' \\\$sig.SignerCertificate.Subject; Write-Host 'Valid From:' \\\$sig.SignerCertificate.NotBefore; Write-Host 'Valid Until:' \\\$sig.SignerCertificate.NotAfter; if(\\\$sig.TimeStamperCertificate) { Write-Host 'Timestamped: YES' } else { Write-Host 'Timestamped: NO' } } else { Write-Host 'File is NOT SIGNED' }\\""
'''
}
}
}
stage('Deploy Application') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Create deployment directory
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "if not exist C:\\\\Apps\\\\HelloWorldApp mkdir C:\\\\Apps\\\\HelloWorldApp"
# Stop existing service if running (ignore errors if service doesn't exist)
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "sc stop HelloWorldApp 2>nul || echo Service not running or doesn't exist"
# Copy signed executable to deployment directory
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "copy C:\\\\Users\\\\Administrator\\\\Desktop\\\\HelloWorldApp.exe C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe /Y"
# Create application configuration file
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo # HelloWorldApp Configuration > C:\\\\Apps\\\\HelloWorldApp\\\\config.txt"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Deployed on: %date% %time% >> C:\\\\Apps\\\\HelloWorldApp\\\\config.txt"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Version: 1.0 >> C:\\\\Apps\\\\HelloWorldApp\\\\config.txt"
# Create deployment script for easy management
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo @echo off > C:\\\\Apps\\\\HelloWorldApp\\\\run.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Starting HelloWorldApp... >> C:\\\\Apps\\\\HelloWorldApp\\\\run.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe >> C:\\\\Apps\\\\HelloWorldApp\\\\run.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo pause >> C:\\\\Apps\\\\HelloWorldApp\\\\run.bat"
# Test the deployed application
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe"
'''
}
}
}
stage('Create Windows Service (Optional)') {
when {
// Only run this stage if you want to create a Windows service
expression { return true } // Set to false to skip service creation
}
steps {
script {
try {
sshagent(credentials: [CREDS_ID]) {
sh '''
# First, check if service already exists and remove it
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Checking for existing service...'; try { \\\$service = Get-Service -Name 'HelloWorldApp' -ErrorAction SilentlyContinue; if(\\\$service) { Write-Host 'Stopping existing service...'; Stop-Service -Name 'HelloWorldApp' -Force -ErrorAction SilentlyContinue; Start-Sleep -Seconds 2; Write-Host 'Removing existing service...'; sc.exe delete HelloWorldApp | Out-Null; Start-Sleep -Seconds 2 } } catch { Write-Host 'No existing service found' }\\""
# Create Windows Service using sc.exe with proper error handling
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Creating Windows Service...'; try { \\\$result = Start-Process -FilePath 'sc.exe' -ArgumentList 'create', 'HelloWorldApp', 'binPath=', 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe', 'start=', 'manual', 'DisplayName=', 'HelloWorld Application' -Wait -PassThru -NoNewWindow; if(\\\$result.ExitCode -eq 0) { Write-Host 'Service created successfully'; \\\$descResult = Start-Process -FilePath 'sc.exe' -ArgumentList 'description', 'HelloWorldApp', 'HelloWorld Application - Deployed via Jenkins CI/CD Pipeline' -Wait -PassThru -NoNewWindow; if(\\\$descResult.ExitCode -eq 0) { Write-Host 'Service description set successfully' } else { Write-Host 'Service created but description setting failed' }; Write-Host 'Service configuration completed' } else { Write-Host 'Service creation failed with exit code:' \\\$result.ExitCode } } catch { Write-Host 'Service creation encountered an error:' \\\$_.Exception.Message }\\""
# Verify service creation
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Verifying service creation...'; try { \\\$service = Get-Service -Name 'HelloWorldApp' -ErrorAction SilentlyContinue; if(\\\$service) { Write-Host 'Service Status:' \\\$service.Status; Write-Host 'Service Name:' \\\$service.ServiceName; Write-Host 'Display Name:' \\\$service.DisplayName; Write-Host 'Service successfully registered' } else { Write-Host 'Service not found - creation may have failed' } } catch { Write-Host 'Service verification failed:' \\\$_.Exception.Message }\\""
# Set service to start automatically (optional)
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Configuring service startup...'; try { sc.exe config HelloWorldApp start= auto | Out-Null; Write-Host 'Service configured for automatic startup' } catch { Write-Host 'Service startup configuration failed' }\\""
'''
}
echo "Service creation completed successfully"
} catch (Exception e) {
echo "Service creation encountered issues: ${e.getMessage()}"
echo "Check if the application is compatible with Windows Service hosting"
}
}
}
}
stage('Service Management') {
when {
expression { return true } // Set to false to skip service management
}
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Create service management scripts
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo @echo off > C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Starting HelloWorldApp Service... >> C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo net start HelloWorldApp >> C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Service started successfully >> C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo pause >> C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo @echo off > C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Stopping HelloWorldApp Service... >> C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo net stop HelloWorldApp >> C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Service stopped successfully >> C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo pause >> C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo @echo off > C:\\\\Apps\\\\HelloWorldApp\\\\service-status.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Checking HelloWorldApp Service Status... >> C:\\\\Apps\\\\HelloWorldApp\\\\service-status.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo sc query HelloWorldApp >> C:\\\\Apps\\\\HelloWorldApp\\\\service-status.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo pause >> C:\\\\Apps\\\\HelloWorldApp\\\\service-status.bat"
# Show final deployment structure
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "echo. && echo Deployment completed. Files created: && dir C:\\\\Apps\\\\HelloWorldApp"
'''
}
}
}
stage('Deployment Verification') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Comprehensive deployment verification
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host '========================================'; Write-Host 'DEPLOYMENT VERIFICATION REPORT'; Write-Host '========================================'; Write-Host ''\\""
# 1. Verify application deployment
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host '1. APPLICATION DEPLOYMENT:'; if(Test-Path 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe') { Write-Host ' Status: DEPLOYED ✓'; \\\$file = Get-Item 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe'; Write-Host ' File size:' \\\$file.Length 'bytes'; Write-Host ' Last modified:' \\\$file.LastWriteTime; Write-Host ' Location: C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe' } else { Write-Host ' Status: NOT DEPLOYED ✗'; exit 1 }\\""
# 2. Verify code signature
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '2. CODE SIGNATURE VERIFICATION:'; \\\$sig = Get-AuthenticodeSignature 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe'; if(\\\$sig.SignerCertificate) { Write-Host ' Status: SIGNED ✓'; Write-Host ' Signer:' \\\$sig.SignerCertificate.Subject; Write-Host ' Valid from:' \\\$sig.SignerCertificate.NotBefore; Write-Host ' Valid until:' \\\$sig.SignerCertificate.NotAfter; Write-Host ' Hash Algorithm:' \\\$sig.HashAlgorithm; if(\\\$sig.TimeStamperCertificate) { Write-Host ' Timestamp: YES ✓' } else { Write-Host ' Timestamp: NO ✗' } } else { Write-Host ' Status: NOT SIGNED ✗' }\\""
# 3. Verify Windows Service (non-blocking)
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '3. WINDOWS SERVICE VERIFICATION:'; try { \\\$service = Get-Service -Name 'HelloWorldApp' -ErrorAction SilentlyContinue; if(\\\$service) { Write-Host ' Service Status:' \\\$service.Status; Write-Host ' Service Name:' \\\$service.ServiceName; Write-Host ' Display Name:' \\\$service.DisplayName; Write-Host ' Start Type: Automatic'; Write-Host ' Service: REGISTERED ✓' } else { Write-Host ' Service: NOT REGISTERED (Optional)' } } catch { Write-Host ' Service: VERIFICATION SKIPPED (Optional)' }\\""
# 4. Verify deployment structure (fixed escaping)
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '4. DEPLOYMENT STRUCTURE:'; \\\$files = @('HelloWorldApp.exe', 'config.txt', 'run.bat', 'start-service.bat', 'stop-service.bat', 'service-status.bat'); foreach(\\\$file in \\\$files) { if(Test-Path \\\\"C:\\\\Apps\\\\HelloWorldApp\\\\\\\$file\\\\") { Write-Host \\\\" \\\$file EXISTS ✓\\\\" } else { Write-Host \\\\" \\\$file MISSING ✗\\\\" } }\\""
# 5. Test application execution
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '5. APPLICATION EXECUTION TEST:'; try { \\\$output = & 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe' 2>&1; Write-Host ' Execution: SUCCESS ✓'; Write-Host ' Output:' \\\$output } catch { Write-Host ' Execution: FAILED ✗'; Write-Host ' Error:' \\\$_.Exception.Message }\\""
# 6. Show file listing
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '6. DEPLOYMENT DIRECTORY CONTENTS:'; Get-ChildItem 'C:\\\\Apps\\\\HelloWorldApp' | Format-Table Name, Length, LastWriteTime -AutoSize\\""
# 7. Network accessibility test
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '7. SERVER ACCESSIBILITY:'; Write-Host ' Server IP: 172.31.91.18'; Write-Host ' Deployment Path: C:\\\\Apps\\\\HelloWorldApp'; Write-Host ' Remote Access: SSH ✓'\\""
# 8. Summary
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '========================================'; Write-Host 'DEPLOYMENT VERIFICATION COMPLETE'; Write-Host 'Core deployment: SUCCESS ✓'; Write-Host 'Application ready for use!'; Write-Host '========================================'\\""
'''
}
}
}
stage('Cleanup Signing Script') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "del C:\\Users\\Administrator\\Desktop\\sign.ps1"
'''
}
}
}
}
post {
always {
cleanWs()
}
success {
echo 'Pipeline completed successfully!'
}
failure {
echo 'Pipeline failed!'
}
}
}
Étape 6 : Vérification de la signature
Une fois le pipeline terminé avec succès :
-
Accédez à l'application déployée (par exemple, C:\Apps\HelloWorldApp\HelloWorldApp.exe).
-
Cliquez avec le bouton droit sur le fichier > Propriétés > Signatures numériques.
-
Sélectionnez la signature dans la liste et cliquez sur Détails.
-
Vous verrez les informations relatives au signataire et l'horodatage (émis par GlobalSign TSA).
Configuration Test SSL
Vérifiez l’installation de votre certificat pour les problèmes et les vulnérabilités SSL.
Contactez l’équipe support
Si vous êtes un utilisateur du portail Atlas, veuillez envoyer votre demande à support-atlas@globalsign.com.