Skip to content

Commit

Permalink
Update cert-notice readme (#2504)
Browse files Browse the repository at this point in the history
* updated readme to include cert notice

* fix formatting on table

* Apply suggestions from code review

---------

Co-authored-by: Jakub Jareš <[email protected]>
  • Loading branch information
WithHolm and nohwnd authored Jun 18, 2024
1 parent eda49f2 commit b81b7cb
Showing 1 changed file with 20 additions and 1 deletion.
21 changes: 20 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@
> 📦🔐 Pester is now signed. `-SkipPublisherCheck` should no longer be used to install from PowerShell Gallery on Windows 10.
> 📦🔐 Upgrading to 5.6.0 will show a "certificate changed" error, this is because a change in Root Certificate, and you have to specify `-SkipPublisherCheck` to update. [More info below.](#560-certificate-error).
> 👩👨 We are looking for contributors! All issues labeled [help wanted](https://github.com/pester/Pester/labels/help%20wanted) are up for grabs. They further split up into [good first issue](https://github.com/pester/Pester/labels/good%20first%20issue) that are issues I hope are easy to solve. [Bad first issue](https://github.com/pester/Pester/labels/bad%20first%20issue) where I expect the implementation to be problematic or needs to be proposed and discussed beforehand. And the rest which is somewhere in the middle. If you decide to pick up an issue please comment in the issue thread so others don't waste their time working on the same issue as you.
> There is also [contributor's guide](https://pester.dev/docs/contributing/introduction) that will hopefully help you.
Expand Down Expand Up @@ -77,6 +79,24 @@ Install-Module -Name Pester -Force

Not running Windows 10 or facing problems? See the [full installation and update guide](https://pester.dev/docs/introduction/installation).

## Regarding Certificate for different versions

The certificate used for signing the code has changed in 5.6.0. Error is shown when updating the module.
Below is the list of the certificates you can expect to be used when importing the module (going back to 2016)

Version|Authority|Thumbprint
---|---|---
5.6.0++|`CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US`|`2FCC9148EC2C9AB951C6F9654C0D2ED16AF27738`
5.2.0 - 5.5.0|`CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US`|`C7B0582906E5205B8399D92991694A614D0C0B22`
4.10.0 - 5.1.1|`CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US`|`7B9157664392D633EDA2C0248605C1C868EBDE43`
4.4.3 - 4.9.0|`CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US`|`CC1168BAFCDA3B1A5E532DA87E80A4DD69BCAEB1`
3.0.3 - 4.4.2|No Certificate Found|No Certificate Found
3.4.0|`CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`|`71F53A26BB1625E466727183409A30D03D7923DF`

In all cases, except for version 3.4.0 that was signed directly by Microsoft, the Authenticode issuer for certificate is `CN=Jakub Jareš, O=Jakub Jareš, L=Praha, C=CZ`.

To successfully update the module when certificate changed, you need to provide `-SkipPublisherCheck` to the `Install-Module` command.

## Features

### Test runner
Expand Down Expand Up @@ -174,7 +194,6 @@ Pester is sponsored by [Octopus Deploy](https://octopus.com).
As well as all the great folks on [OpenCollective](https://opencollective.com/pester) and [GitHub](https://github.com/users/nohwnd/sponsorship#sponsors).
## Contributors
### Code Contributors
Expand Down

0 comments on commit b81b7cb

Please sign in to comment.