'Does install4j support smart card EV code signing certificates
Just got an EV Code Signing certificate, it comes in a USB key and shows up in the windows certificate store when plugged in. install4j does have an option to use a certificate from the windows certificate store when signing.
But when I tried to use this option, I got an error:
Caused by: com.install4j.d.k: org.bouncycastle.operator.OperatorCreationException: cannot create signer: Key type not supported
Caused by: org.bouncycastle.operator.OperatorCreationException: cannot create signer: Key type not supported
Caused by: java.security.InvalidKeyException: Key type not supported
at jdk.crypto.mscapi/sun.security.mscapi.RSASignature.engineInitSign(RSASignature.java:533)
So, does install4j support these certificates?
And going further: using the key requires a PIN to be entered at the time of signing.
For automated builds, where the installers get built every night, how does install4j handle the PIN (there was no option that I could see in the project file)?
Solution 1:[1]
I can confirm that this does work in principle, without PIN dialog popup, at least in this specific configuration:
- Sectigo EV Code Signing Certificate
- SafeNet eToken 5110
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Reto Höhener |