CM-47698 - Fix Windows signing of CLI executable (#300)

MarshalX · web-flow · commit 4681d3268140 · 2025-04-25T14:10:33.000+02:00
diff --git a/.github/workflows/build_executable.yml b/.github/workflows/build_executable.yml
@@ -166,6 +166,7 @@ jobs:
         shell: cmd
         env:
           SM_HOST: ${{ secrets.SM_HOST }}
+          SM_KEYPAIR_ALIAS: ${{ secrets.SM_KEYPAIR_ALIAS }}
           SM_API_KEY: ${{ secrets.SM_API_KEY }}
           SM_CLIENT_CERT_PASSWORD: ${{ secrets.SM_CLIENT_CERT_PASSWORD }}
           SM_CODE_SIGNING_CERT_SHA1_HASH: ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }}
@@ -174,7 +175,7 @@ jobs:
           curl -X GET  https://one.digicert.com/signingmanager/api-ui/v1/releases/smtools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o smtools-windows-x64.msi 
           msiexec /i smtools-windows-x64.msi /quiet /qn
           C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user
-          smksp_cert_sync.exe
+          smctl windows certsync --keypair-alias=%SM_KEYPAIR_ALIAS%
 
           :: sign executable
           signtool.exe sign /sha1 %SM_CODE_SIGNING_CERT_SHA1_HASH% /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 ".\dist\cycode-cli.exe" 
