Sign executables with Electron builder using KSP library
Electron builder is a complete solution to package and build a ready for distribution Electron app with “auto update” support. Electron builder rewrites its own in-house logic for most build tasks. Electron Builder is specifically designed for Electron applications for macOS, Windows and Linux.
The Electron framework allows you to build cross-platform desktop applications using web technologies (HTML, CSS, and JavaScript). Electron Builder simplifies the process of creating distributable packages for different platforms.
You can configure Electron builder to sign using DigiCert® KeyLocker KSP library.
What files can Electron builder sign using the KSP library?
.exe
.dll
.msi
.sys
.cab
.cat
Prerequisites
Windows operating system
Download and configure DigiCert® KeyLocker client tools
Keypair with a default certificate
Configure Electron builder (KSP)
To configure Electron builder to sign using the DigiCert® KeyLocker KSP library:
Navigate to Electron builder's package.json.
Edit package.json to include path to 'customSign.js' script::
'use strict'; exports.default = async function(configuration) { if(configuration.path){ require("child_process").execSync( `smctl sign --keypair-alias=${<keypair alias>} --input "${String(configuration.path)}"` ); } };
Sample:
'use strict'; exports.default = async function(configuration) { if(configuration.path){ require("child_process").execSync( `smctl sign --keypair-alias=${keypair3} --input "${String(configuration.path)}"` ); } };
Save the script.
Run the “yarn dist” build command in the terminal.