home.social

#powershellgallery — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #powershellgallery, aggregated by home.social.

  1. Colin Cogle :verified: @[email protected] ·

    Help, I need a code signing certificate that won't bankrupt me.

    Three years ago, I paid $100 for a three-year code signing certificate. I've signed all my open-source projects' releases with it. Now that it's renewal time, Certera (SignMyCode.com) wants almost $700 for the same three-year certificate (excluding the mandatory HSM purchase, which I am totally on board with).

    I write silly C and PowerShell code, and I timestamp my signatures so that they're perpetually valid. My PowerShell Gallery stuff, as well as binaries of aprs-weather-submit on Windows and macOS, are all signed and hashed (but not notarized by Apple, because that's another $99 a year for something that feels done unless Bob Bruninga's followers are thinking about APRS 2.0).

    If I can't find a solution, anything I write or update in the future will have to be released as unsigned unless I half-ass something (like the Notepad++ developer using self-signed certs -- semi-dangerously clever). $100 every three years, fine. $700 every three years, and I'll do it if my three fans click my Buy Me A Coffee link over and over.

    Is there any CA out there that will offer open-source, not-for-profit developers like me a chance to get globally-trusted code signing certificates? I don't think SigStore ever took off (sadly), and even if it did, I don't think it's part of the Microsoft Authenticode program.

    #CodeSigning #SSL #TLS #certificates #Certera #SoftwareDevelopment #C #PowerShell #PowerShellGallery #AmateurRadio #HamRadio #APRS #APRS-Weather-Submit #GitHub #security #developer #Windows #macOS #Linux #Authenticode #DevSecOps #DevOps

    #codesigning #ssl #tls #certificates #certera #softwaredevelopment
  2. Colin Cogle :verified: @[email protected] ·

    Help, I need a code signing certificate that won't bankrupt me.

    Three years ago, I paid $100 for a three-year code signing certificate. I've signed all my open-source projects' releases with it. Now that it's renewal time, Certera (SignMyCode.com) wants almost $700 for the same three-year certificate (excluding the mandatory HSM purchase, which I am totally on board with).

    I write silly C and PowerShell code, and I timestamp my signatures so that they're perpetually valid. My PowerShell Gallery stuff, as well as binaries of aprs-weather-submit on Windows and macOS, are all signed and hashed (but not notarized by Apple, because that's another $99 a year for something that feels done unless Bob Bruninga's followers are thinking about APRS 2.0).

    If I can't find a solution, anything I write or update in the future will have to be released as unsigned unless I half-ass something (like the Notepad++ developer using self-signed certs -- semi-dangerously clever). $100 every three years, fine. $700 every three years, and I'll do it if my three fans click my Buy Me A Coffee link over and over.

    Is there any CA out there that will offer open-source, not-for-profit developers like me a chance to get globally-trusted code signing certificates? I don't think SigStore ever took off (sadly), and even if it did, I don't think it's part of the Microsoft Authenticode program.

    #CodeSigning #SSL #TLS #certificates #Certera #SoftwareDevelopment #C #PowerShell #PowerShellGallery #AmateurRadio #HamRadio #APRS #APRS-Weather-Submit #GitHub #security #developer #Windows #macOS #Linux #Authenticode #DevSecOps #DevOps

    #codesigning #ssl #tls #certificates #certera #softwaredevelopment
  3. Colin Cogle :verified: @[email protected] ·

    Help, I need a code signing certificate that won't bankrupt me.

    Three years ago, I paid $100 for a three-year code signing certificate. I've signed all my open-source projects' releases with it. Now that it's renewal time, Certera (SignMyCode.com) wants almost $700 for the same three-year certificate (excluding the mandatory HSM purchase, which I am totally on board with).

    I write silly C and PowerShell code, and I timestamp my signatures so that they're perpetually valid. My PowerShell Gallery stuff, as well as binaries of aprs-weather-submit on Windows and macOS, are all signed and hashed (but not notarized by Apple, because that's another $99 a year for something that feels done unless Bob Bruninga's followers are thinking about APRS 2.0).

    If I can't find a solution, anything I write or update in the future will have to be released as unsigned unless I half-ass something (like the Notepad++ developer using self-signed certs -- semi-dangerously clever). $100 every three years, fine. $700 every three years, and I'll do it if my three fans click my Buy Me A Coffee link over and over.

    Is there any CA out there that will offer open-source, not-for-profit developers like me a chance to get globally-trusted code signing certificates? I don't think SigStore ever took off (sadly), and even if it did, I don't think it's part of the Microsoft Authenticode program.

    #CodeSigning #SSL #TLS #certificates #Certera #SoftwareDevelopment #C #PowerShell #PowerShellGallery #AmateurRadio #HamRadio #APRS #APRS-Weather-Submit #GitHub #security #developer #Windows #macOS #Linux #Authenticode #DevSecOps #DevOps

    #codesigning #ssl #tls #certificates #certera #softwaredevelopment
  4. Colin Cogle :verified: @[email protected] ·

    Help, I need a code signing certificate that won't bankrupt me.

    Three years ago, I paid $100 for a three-year code signing certificate. I've signed all my open-source projects' releases with it. Now that it's renewal time, Certera (SignMyCode.com) wants almost $700 for the same three-year certificate (excluding the mandatory HSM purchase, which I am totally on board with).

    I write silly C and PowerShell code, and I timestamp my signatures so that they're perpetually valid. My PowerShell Gallery stuff, as well as binaries of aprs-weather-submit on Windows and macOS, are all signed and hashed (but not notarized by Apple, because that's another $99 a year for something that feels done unless Bob Bruninga's followers are thinking about APRS 2.0).

    If I can't find a solution, anything I write or update in the future will have to be released as unsigned unless I half-ass something (like the Notepad++ developer using self-signed certs -- semi-dangerously clever). $100 every three years, fine. $700 every three years, and I'll do it if my three fans click my Buy Me A Coffee link over and over.

    Is there any CA out there that will offer open-source, not-for-profit developers like me a chance to get globally-trusted code signing certificates? I don't think SigStore ever took off (sadly), and even if it did, I don't think it's part of the Microsoft Authenticode program.

    #CodeSigning #SSL #TLS #certificates #Certera #SoftwareDevelopment #C #PowerShell #PowerShellGallery #AmateurRadio #HamRadio #APRS #APRS-Weather-Submit #GitHub #security #developer #Windows #macOS #Linux #Authenticode #DevSecOps #DevOps

    #devops #devsecops #authenticode #linux #macos #windows
  5. Colin Cogle :verified: @[email protected] ·

    Help, I need a code signing certificate that won't bankrupt me.

    Three years ago, I paid $100 for a three-year code signing certificate. I've signed all my open-source projects' releases with it. Now that it's renewal time, Certera (SignMyCode.com) wants almost $700 for the same three-year certificate (excluding the mandatory HSM purchase, which I am totally on board with).

    I write silly C and PowerShell code, and I timestamp my signatures so that they're perpetually valid. My PowerShell Gallery stuff, as well as binaries of aprs-weather-submit on Windows and macOS, are all signed and hashed (but not notarized by Apple, because that's another $99 a year for something that feels done unless Bob Bruninga's followers are thinking about APRS 2.0).

    If I can't find a solution, anything I write or update in the future will have to be released as unsigned unless I half-ass something (like the Notepad++ developer using self-signed certs -- semi-dangerously clever). $100 every three years, fine. $700 every three years, and I'll do it if my three fans click my Buy Me A Coffee link over and over.

    Is there any CA out there that will offer open-source, not-for-profit developers like me a chance to get globally-trusted code signing certificates? I don't think SigStore ever took off (sadly), and even if it did, I don't think it's part of the Microsoft Authenticode program.

    #CodeSigning #SSL #TLS #certificates #Certera #SoftwareDevelopment #C #PowerShell #PowerShellGallery #AmateurRadio #HamRadio #APRS #APRS-Weather-Submit #GitHub #security #developer #Windows #macOS #Linux #Authenticode #DevSecOps #DevOps

    #codesigning #ssl #tls #certificates #certera #softwaredevelopment
  6. WetHat💦 @WetHat ·

    Create static from sources with fast and easy. New version available from the :

    wethat.github.io/MarkdownToHtm

    #websites #markdown #powershell #powershellgallery #webdevelopment #static_site_generator
  7. Dr Nestori Syynimaa :verified: @[email protected] ·

    #AADInternals #DEFCON32 edition I demonstrated in my @defcon talk is now available on GitHub and #PowerShellGallery:
    ◾ Spoof SPO, Teams, and OneDrive files
    ◾ Tamper with existing files
    ◾ Nothing is logged

    Change log available at: aadinternals.com/aadinternals/

    #aadinternals #defcon32 #powershellgallery
  8. Ænðr E. Feldstraw @[email protected] ·

    I encountered this #powershell issue a bit too often, so I decided to do some research. Does powershell fail your install-module or find-packageprovider commands, complaining it's unable to download, while you can access the internet just fine? It may be because the #PowershellGallery updated their #securitycipher to #TLS12:

    medium.com/@aev_software/get-p

    #powershell #powershellgallery #securitycipher #tls12
  9. Ænðr E. Feldstraw @[email protected] ·

    I encountered this #powershell issue a bit too often, so I decided to do some research. Does powershell fail your install-module or find-packageprovider commands, complaining it's unable to download, while you can access the internet just fine? It may be because the #PowershellGallery updated their #securitycipher to #TLS12:

    medium.com/@aev_software/get-p

    #powershell #powershellgallery #securitycipher #tls12
  10. Ænðr E. Feldstraw @[email protected] ·

    I encountered this #powershell issue a bit too often, so I decided to do some research. Does powershell fail your install-module or find-packageprovider commands, complaining it's unable to download, while you can access the internet just fine? It may be because the #PowershellGallery updated their #securitycipher to #TLS12:

    medium.com/@aev_software/get-p

    #tls12 #securitycipher #powershellgallery #powershell