You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As seen in this code, Tauri bundler only supports the /t option for SignTool, while my code certificate issuer's timestamp server only accepts RFC 3161 Time-Stamp Protocol (TSP). This results in the following error output when trying to build a signed bundle:
info: trying to sign app
info: signing <binary>
info: running signtool "E:\\Windows Kits\\10\\bin\\10.0.19041.0\\x64\\signtool.exe"
Error running CLI: failed to bundle project: failed to sign app: SignTool Error: The specified timestamp server either could not be reached or
returned an invalid response.
SignTool Error: An error occurred while attempting to sign: <binary>
This functionality is possible in SignTool by using /tr <timestamp URL> and /td <timestamp digest algorithm> instead of /t <timestamp URL>. See an example of a SignTool command with /tr and /tdhere. Tip: see SignTool's command options here.
I suggest adding another configuration field called tsp or something along those lines under Tauri > Bundle > Windows, with the default value being false and with the option of true. The true value of the tsp-field would then result in the SignTool command including /tr and /td instead of /t to be compatible with a TSP (RFC 3161) timestamp server.
Also, as I read this it sounds a bit like a feature request rather than a bug so feel free to change it. However, I file this as a bug since the code-signing functionality doesn't work as expected from the documentation.
Reproduction
Have a code signing certificate (or not...?)
Set timestamp server to http://ts.ssl.com or any other TSP server
Try to build with yarn tauri build (or whatever build system you use)
Describe the bug
As seen in this code, Tauri bundler only supports the
/t
option for SignTool, while my code certificate issuer's timestamp server only accepts RFC 3161 Time-Stamp Protocol (TSP). This results in the following error output when trying to build a signed bundle:This functionality is possible in SignTool by using
/tr <timestamp URL>
and/td <timestamp digest algorithm>
instead of/t <timestamp URL>
. See an example of a SignTool command with/tr
and/td
here. Tip: see SignTool's command options here.I suggest adding another configuration field called
tsp
or something along those lines underTauri > Bundle > Windows
, with the default value beingfalse
and with the option oftrue
. Thetrue
value of thetsp
-field would then result in the SignTool command including/tr
and/td
instead of/t
to be compatible with a TSP (RFC 3161) timestamp server.Also, as I read this it sounds a bit like a feature request rather than a bug so feel free to change it. However, I file this as a bug since the code-signing functionality doesn't work as expected from the documentation.
Reproduction
http://ts.ssl.com
or any other TSP serveryarn tauri build
(or whatever build system you use)Expected behavior
A successful, signed build of my app.
Platform and versions
Stack trace
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: