1. What is it?
2. Docker image tagging scheme
3. Usage
4. License

A multi-arch Docker image for signing Windows binaries with Microsoft Authenticode using osslsigncode.

Automatically rebuilt weekly to include the latest OS security fixes.

See all tags at https://hub.docker.com/r/vegardit/osslsigncode/tags

The docker image is configured to use /work as work directory.

You can mount the folder with the executables to sign into the /work directory and then use relative paths for --in and --out parameters of osslsigncode.

For example:

docker run --rm -v $PWD:/work vegardit/osslsigncode sign \
  -certs mycert.crt -key mykey.der \
  -n 'My Application' -i https://www.mywebsite.com/ \
  -in myapp.exe -out myapp-signed.exe

All files in this repository are released under the Apache License 2.0.

Individual files contain the following tag instead of the full license text:

SPDX-License-Identifier: Apache-2.0

This enables machine processing of license information based on the SPDX License Identifiers that are available here: https://spdx.org/licenses/.