-
-
Notifications
You must be signed in to change notification settings - Fork 785
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EXPECTED ERROR: Update-Module dbatools Authenticode Issue for 2.1.0 #9090
Labels
Comments
potatoqualitee
added
feature
triage required
New issue that has not been reviewed by maintainers
labels
Sep 21, 2023
potatoqualitee
changed the title
Update-Module dbatools Authenticode Issuer Error for version 2.1.0
ERROR: Update-Module dbatools Authenticode Issue for 2.1.0
Sep 21, 2023
potatoqualitee
added
known issue
and removed
feature
triage required
New issue that has not been reviewed by maintainers
labels
Sep 21, 2023
potatoqualitee
changed the title
ERROR: Update-Module dbatools Authenticode Issue for 2.1.0
EXPECTED ERROR: Update-Module dbatools Authenticode Issue for 2.1.0
Sep 21, 2023
thank you! updating all the places |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
TLDR: This error is expected and the change is legitimate. To update, switch to
Install-Module
, then slap on the-SkipPublisherCheck
and-Force
parameters and continue your update.I've always been very proud that dbatools is Code Signed like a "real" application. These certs prove the identity of the creator and help prevent tampering. The certificates cost a bunch of money and are hard to obtain. You gotta send in tons of paperwork, including your passport and business papers. But again, the payoff is fantastic -- basically, it makes dbatools ready for the Enterprise and ready to deploy at organizations with strict security.
The new private key storage requirement for Code Signing certificates were implemented this year, making the signing process a whole lot harder. This change lead to us not publishing a new module for a little over three months.
Validating the dbatools organization identity for a code signing certificate is always a pain, and it's required to recur every 3 years. This year, though, I had to do that PLUS I also had to figure out this whole new signing process.
After months of working with Jess Pomfret and weeks of working with Jordan Borean, WE FINALLY FIGURED IT OUT!! But unfortunately, the new requirements breaks the catalog check for
Update-Module
because all of the Certificate Authorities had to update their CA Servers.This causes the following error (or something similar):
This is expected and the change is legitimate. To update, switch to
Install-Module
, then slap on the-SkipPublisherCheck
and-Force
parameters and continue your update. As people update over time, this should become less and less of a support issue for us, I presume in 2-3 years 😅Likely in part due to these new requirements, Microsoft is coming up with a new version (sorta) of
Update-Module
that does not perform this check so stay tuned.And again, this change and the subsequent errors are expected.
The text was updated successfully, but these errors were encountered: