VMware Cloud Community
fwragge
Contributor
Contributor

Signing a OVA with a CA-signed cert

Hi,

I'm having difficulty signing an OVA with a CA-signed cert:

* Does ovftool support CA 'code signing' certificates with the CA's provided intermediate?  After including both in the pem, openssl indicated it was valid but ovftool signing failed.

* The specs are a little unclear as to signing with SHA-256 certificate.  Is the --shaAlgorithm used for signing?

Thx.

Reply
0 Kudos
1 Reply
jalairo
Contributor
Contributor

We have the pem file strictly according to the tool help: private key and certificate. And our certificate comes from CA.

As for --shaAlgorithm, this value is used when calculating SHA digest values for the manifest file and is not about the signing certificate being SHA-1 or SHA-256.

Reply
0 Kudos