Hello,
Just a generic question of what arrangements do you use when it comes to code signing certificates?
We're using Microsoft TFS (under ESXi 6.5.0) to store our code. One of the requirements is to sign it with a OV Code Signing certificate.
The code signing certificate comes in a form of a USB token, that is attached to the ESXi host and then exposed to the TFS VM (as USB Aladdin Knowledge Token JC device).
Everything works fine (with a little bit of configuration) but I was wondering whether there are any other "native" solutions that are recommended by VMware?
What do you use to sign your code on the servers that are virtualized? Having a USB token attached to a host is fine, although you will have to take care of DR rules to keep that VM on that particular host. Also, USB token can't be shared with other VMs, so it's one to one assignment.
Grateful to hear your ideas.