6

On Windows, there is Authenticode to sign .NET Core / .NET 5 assemblies (please note that I am not referring to Strong Name Signing which is different). This prevents tampering and guarantees authenticity.

I am new to .NET Core on Linux. What is the equivalent of Authenticode signing on Linux for .NET Core? Since Authenticode signing is part of the Windows SDK (and not .NET Core) it is not available on Linux. Ideally there is some widely used convention for this.

Have looked around extensively on SO and online and have not been able to find anything useful or definitive. Any guidance would be greatly appreciated.

Improve this question
2
  • I don't believe there is any such equivalent. Commented Jun 13, 2021 at 6:35
  • Maybe github.com/dotnet/sign is something that fits into your requirements. Commented Mar 29, 2023 at 16:31

1 Answer 1

Reset to default
2

Executable code signing on Linux is typically done at the package repo level, not at the individual executable level.

One option, therefore, is to try getting your software into one of the major package repos for your chosen platform: APT, DNF, Homebrew…

For cases where that isn’t acceptable, you can set up your own repo and try to convince your users to install the repo, which in turn signs the packages delivered through it.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

What about for a corporate environment where you don't want to make the binaries public, what would the recommended approach be?
Also - would this repo approach allow verification of binary tampering "on the box" or only at install time? Thanks again for your help
Re: corporate, nothing stops you from setting up a local repo server. It doesn’t have to be public. Re: post-install verification, many package repo systems do have such features. Be specific.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.