none
Assembly signing question RRS feed

  • Question

  • Hi,

    I'm after some basic advice on how this (presumably very common) situation is handled:

    As an enterprise, we wish to grant full trust to all our own assemblies. We have a strong name key file representing the organisation. The keyfile is password protected. To maximise security, the number of people who need to know the password should be miminised. Ideally, developers should not need to know the password.

    Experimentation shows that when a project signed with the key is moved to another machine, it cannot be built without re-entering the key password.

    How can we ensure that all our assemblies (past and future) are signed with this key, while avoiding the need to distribute the password to all developers?

    (I have an inkling that there is some kind of "key store" concept. Perhaps we could add this key to a central key store?)

    Many thanks for any help
    felix
    Thursday, February 14, 2008 11:10 AM

Answers