I registered as an individual and my name appears on the certificate. I guess the identity on the certificate is the only difference.
Hey I finally got a request for additional documents! That info has been submitted, so now we’ll see how much longer it takes.
I have just made this available to the public: GitHub: jo-tools/ats-codesign
ATS CodeSign | Docker
This example shows how to codesign using Azure Trusted Signing.
Codesigning is using jsign in a Docker Container jotools/ats-codesign. This allows codesigning to be performed on a host machine running on either Windows, macOS or Linux.
Requirements
- Set up Azure Trusted Signing
  To get you started have a look at the included docs. You’ll find some useful links and archived Web content there.
- Have Docker up and running
It includes a Xojo example project with a Post Build Script.
Once set up with two .json files placed in the user’s home directory (and obviously having ATS setup and Docker ready) this allows the Windows application to be built and codesigned with Xojo running on either Windows, macOS or Linux.
My goal has been to have a universal Post Build Script which I can just copy-and-paste to any of my little leisure time projects. Hit Build in Xojo (which I’m using on Windows at work, on a Mac at home) and have the Windows applications automatically codesigned without having to fiddle with scripts for each and every little Xojo Project, no matter if I’m currently working on macOS or Windows. Oh, and it’s working in Linux, too.
I haven’t tagged a release in GitHub: jo-tools/ats-codesign yet - I intend to try this out on some projects in the next couple of days/weeks (and maybe notice some quirks that can be improved).
Still I hope some of you might find this useful already in this early stage - so enjoy…
Hello,
finally got my identity approved but could not succeed signing the app, the signtool shows no output at all.
I just have an application error in the events of Windows. Kind of annoying.
signtool.exe is a bit tricky… needs a current version, minimum .net 6 runtime, additional .dll’s, …
All I can say is: read this documentation
It says e.g.:
Make sure that you have installed the minimum required dependencies:
- Windows 10 SDK 10.0.19041 or higher (or Windows 11 SDK). This includes the minimum required version of signtool.exe.
- .NET 6.0 runtime. If this is not installed, signtool will fail silently without output.
That’s why I’ve created another simpler solution for my leisure time projects: GitHub: jo-tools/ats-codesign.
Super interesting! Thank you for sharing.
I will try again a bit and try your solution
Checked a bit:
- Got Windows 11 SDK 10.0.26100.0 so I met this part
- Got .NET 6.0.9 runtime
- Installed azure cli with nuget
Also noticed that when I point to the dll/json that is outside the signtool folder, it fails.
Now setting up everything in the same folder, I got a “no certificates were found that met all the given criteria”.
So I might have an error in the env variable or in the json file. I was not sure about the value of the AZURE_TENANT_ID and also the CodeSigningAccountName. Will double check that
Yup, that’s looking good already.
That’s most likely because of the currently wrong info in your .json files.
The Melatonin Article: Code signing on Windows with Azure Trusted Signing explains that quite well - even with screenshots (e.g. where to find the Azure Tenant Id).
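A preflight check for the configuration problem discussed in the posts above, as an added example that is not from this thread or from the ats-codesign project. It assumes the metadata JSON key names from Microsoft's signtool documentation (Endpoint, CodeSigningAccountName, CertificateProfileName) and the environment variables read by Azure Identity's EnvironmentCredential; the ats-codesign .json files may use different names, and all sample values are constructed.

```python
import json
import re
from urllib.parse import urlparse

GUID = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
METADATA_KEYS = ("Endpoint", "CodeSigningAccountName", "CertificateProfileName")


def check_signing_config(metadata_text, env):
    """Return a list of problems found in the metadata JSON text and env mapping."""
    problems = []
    try:
        # A UTF-8 BOM written by some Windows editors breaks strict JSON parsers.
        meta = json.loads(metadata_text.lstrip("\ufeff"))
    except json.JSONDecodeError as exc:
        return [f"metadata: not valid JSON ({exc.msg}, line {exc.lineno})"]
    if not isinstance(meta, dict):
        return ["metadata: top level must be a JSON object"]
    for key in METADATA_KEYS:
        value = meta.get(key)
        if not isinstance(value, str) or not value.strip():
            problems.append(f"metadata: {key} is missing or empty")
        elif value != value.strip():
            problems.append(f"metadata: {key} has leading/trailing whitespace")
    endpoint = meta.get("Endpoint")
    if isinstance(endpoint, str) and endpoint.strip():
        url = urlparse(endpoint.strip())
        if url.scheme != "https" or not (url.hostname or "").endswith(".codesigning.azure.net"):
            problems.append("metadata: Endpoint is not an https://<region>.codesigning.azure.net URL")
    for name in ("AZURE_TENANT_ID", "AZURE_CLIENT_ID"):
        # Assumption: both are given as the GUIDs shown in the Azure portal.
        if not GUID.fullmatch(env.get(name, "")):
            problems.append(f"env: {name} is unset or not GUID-shaped")
    secret = env.get("AZURE_CLIENT_SECRET", "")
    if not secret:
        problems.append("env: AZURE_CLIENT_SECRET is unset")
    elif GUID.fullmatch(secret):
        # Heuristic: the portal lists a GUID "Secret ID" next to the secret "Value".
        problems.append("env: AZURE_CLIENT_SECRET looks like a secret ID, not the secret value")
    return problems


if __name__ == "__main__":
    # Constructed sample input: endpoint lacks the scheme, profile name is missing.
    metadata = '{"Endpoint": "weu.codesigning.azure.net", "CodeSigningAccountName": "example-account"}'
    env = {"AZURE_TENANT_ID": "contoso", "AZURE_CLIENT_ID": "", "AZURE_CLIENT_SECRET": ""}
    for problem in check_signing_config(metadata, env):
        print(problem)
```

To check a real setup, pass the contents of the metadata file and `os.environ` instead of the constructed values.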
My validation finally was just approved. So it took the better part of a month. For some people it takes hours. For others, it’ll take a while. If you’re going to apply, prepare for that.
There was nothing unusual about my process aside from the length. After a couple weeks they requested proof of domain ownership, which I provided. That was my last update. A few days later they rejected it because the invoice didn’t show my domain name or something like that. I resubmitted the same document, because it DID show the information they needed, and it was accepted a few days later. About a week ago I received a request to verify my email address, and got everything approved today.
Seems like I was singled out for the process to take a very long time for some reason. Maybe because I don’t use Azure for anything else.