Automatically calculate certificate thumbprint #948
Description
sign requires a certificate thumbprint to be explicitly specified in the command line:
Usage:
sign code certificate-store <file(s)>... [options]
Arguments:
<file(s)> File(s) to sign.
Options:
-cfp, --certificate-fingerprint <certificate-fingerprint> (REQUIRED) SHA fingerprint used to identify a certificate.
-cf, --certificate-file <certificate-file> PFX, P7B, or CER file containing a certificate and potentially a private key.
-p, --password <password> Password for certificate file.
-csp, --crypto-service-provider <crypto-service-provider> Cryptographic Service Provider containing the private key container. Requires /k and optionally /km.
-k, --key-container <key-container> Private key container name.
However, when a certificate file is specified with -cf ( --certificate-file) option, it already has all the information to calculate its thumbprint. In this case, -cfp (--certificate-fingerprint) option should not be obligatory.
The current behavior requires a user to always specify -cfp (--certificate-fingerprint) option, even when the certificate file is specified explicitly. This adds certain frictions to sign usage as the user now has to manually extract/calculate the certificate fingerprint, even when it isn't strictly needed and can be extracted from the specified certificate file automatically.
sign version: 0.9.1-beta.25379.1+ba6e717abf74a693f0f9c5e891c0e3ef624956b3