Currently, I am looking for a solution, how can I store my signing certificate and implement application signing step during building solution (.Net) on TeamCity.
Cannot find any appropriate solution, and do not think that put certificate in NuGet package is good solution.
Could some-one make a hint how can I achieve it?
You could have the certificate on the buildagents machine at a specific directory or add an extra directory from your repository where the certificate is.
Then you can add an extra visual studio proj file in your solution which is the one that you use when you build your release build in TeamCity. This proj file will contain the signing of your application along with compiling etc.
Now I don't know what kind of signing you are using, we have a clickOnce application that is being signed, where we are using these three steps:
<Exec Command=""$(SdkPath)\mage.exe" -sign "$(ClickOncePublishDirectory)\app.exe.manifest" -CertFile $(SigningCert) -pwd $(SigningPassword)"/>
<Exec Command=""$(SdkPath)\mage.exe" -update "$(ClickOncePublishDirectory)\application" -AppManifest "$(ClickOncePublishDirectory)\app.exe.manifest" -Publisher "Name in certificate" -a sha256RSA"/>
<Exec Command=""$(SdkPath)\mage.exe" -sign "$(ClickOncePublishDirectory)\application" -CertFile $(SigningCert) -pwd $(SigningPassword)"/>
