Hi All,
A new version of Signotaur has been released and is available from Signotaur Downloads. The latest stable version of Signotaur is 1.2.0.80.
Changes in v1.2.0.80
New Features
-
NuGet package (
.nupkg) and Visual Studio extension (.vsix) signing is now supported, including timestamping and comprehensive verification. -
Added CMS/PKCS#7 signing support for
.mobileconfig,.mobileprovision,.provisionprofileand other non-Authenticode file types. -
New
--unsupported-file-types(--uf) option controls how unrecognised file types are handled during signing and verification.
Improvements
-
Certificates without a matching private key or Code Signing EKU are now rejected at registration.
-
Unsuitable PKCS#11 certificates are shown greyed out with warnings in the certificate selection UI.
-
A warning is now displayed when signing MSI files without
--description, which can cause a cryptic publisher name in Windows UAC prompts.
Bug Fixes
-
Fixed certificate key type and size not showing immediately after registering a new certificate.
-
Fixed database warning caused by an unnecessary transaction in API key lookup.
Infrastructure
-
Moved ClickOnce/VSTO manifest signing from server to client, reducing the server’s reliance on Windows-only native code.
-
General improvements to error handling.
-
Updated .NET SDK to v10.0.201.
-
Third-party package updates.