build: windows signing should include timestamps

Previously the build artifacts did not include a signed timestamp, so when the certificate expired the validation of the artifact would fail. Now we sign against a timestamp server such that the artifact will always be valid regardless of the disposition of the certificate. Closes #7360 and #7059.
2014-03-26 01:26:17 -04:00 · 2014-03-26 01:26:17 -04:00 · a9d22247ad
--- a/vcbuild.bat
+++ b/vcbuild.bat
@ -136,7 +136,8 @@ if errorlevel 1 goto exit
@rem Skip signing if the `nosign` option was specified.
 if defined nosign goto licensertf

-signtool sign /a Release\node.exe
+signtool sign /a /d "Node.js" /t http://timestamp.globalsign.com/scripts/timestamp.dll Release\node.exe
+if errorlevel 1 echo Failed to sign exe&goto exit

 :licensertf
@rem Skip license.rtf generation if not requested.
@ -159,7 +160,8 @@ msbuild "%~dp0tools\msvs\msi\nodemsi.sln" /m /t:Clean,Build /p:Configuration=%co
 if errorlevel 1 goto exit

 if defined nosign goto run
-signtool sign /a Release\node-v%NODE_VERSION%-%msiplatform%.msi
+signtool sign /a /d "Node.js" /t http://timestamp.globalsign.com/scripts/timestamp.dll Release\node-v%NODE_VERSION%-%msiplatform%.msi
+if errorlevel 1 echo Failed to sign msi&goto exit

 :run
@rem Run tests if requested.