Hi Ed, I want to sign my code with an EV certificate but I don't know if I have to change my configuration: Jenkins master is on a windows server on a Virtual Machine of our provider. To build our code we use a VM windows 8.1 and a real Mac. To avoid multiple computer, the VM windows 8.1 is a VMWare image running on the Mac OS. When I plug the token on the mac, I can tell VMWare to plug the token on the virtual machine.
Now on jenkins side, the windows slave is connected with JavaWebStart and I installed a service. I have the same error as you. SignTool Error: No certificates were found that met all the given criteria. What is slave-agent.jnlp you think that could be the problem? or I must have windows 8.1 on a real computer? Thanks -Quentin Le jeudi 27 août 2015 17:55:57 UTC+2, Ed of the Mountain a écrit : > > Solved. > > Disable jenkins service and replace with slave-agent.jnlp. > > Yay! I finally have automatic EV code signing! > > -Ed > > > On Thursday, August 27, 2015 at 9:51:29 AM UTC-5, Ed of the Mountain wrote: >> >> When I try to code sign in my Jenkins job I receive a SignTool error: >> >> >> c:\jenkins\workspace\codesign-windows> >> >> signtool sign /t http://timestamp.digicert.com /n "Acme Inc." code.exe >> >> SignTool Error: No certificates were found that met all the given criteria. >> >> >> I am using a DigiCert Extend Validation ( EV ) USB token that requires the >> USB token be connected to the build machine. This works fine when logged on >> as normal user. >> >> >> - I am running Jenkins as a Windows service. >> - Service Log On is set to Local System account. >> - Service is *allowed to interact with desktop.* >> >> >> >> When I logon as a normal user to the build machine, it works fine. >> >> >> 1 - signtool sign /t http://timestamp.digicert.com /n "Acme Inc." code.exe >> >> 2 - This triggers a pop-up "Token Logon" dialog that requires user >> interaction >> >> 3 - I have a separate "Token Logon" watcher that finds the WIndows ID and >> enters password. >> >> 4 - Code is signed automatically >> >> >> C:\jenkins\workspace\codesign-windows>signtool sign /t >> http://timestamp.digicert >> .com /n "The Charles Machine Works, Inc." token-logon.exe >> Done Adding Additional Store >> Successfully signed: token-logon.exe >> >> >> Any suggestions to try are much appreciated, >> >> >> -Ed >> >> -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/db1bc4ae-fb2b-4811-b5db-9b1610cba74e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
