espressif · alirana01 · Jun 4, 2025 · May 19, 2025 · May 19, 2025 · May 19, 2025
diff --git a/.github/workflows/win_exe_sign_test.yml b/.github/workflows/win_exe_sign_test.yml
@@ -0,0 +1,47 @@
+name: Signing Windows Executable test workflow
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  signing:
+    runs-on: windows-latest
+    env:
+      JKS_B64: ${{ secrets.JARSIGNER_REL_KEYSTORE_B64 }}
+      JKS_PASS: ${{ secrets.JARSIGNER_REL_STOREPASS }}
+      ALIAS: ${{ secrets.JARSIGNER_REL_ALIAS }}
+      PFX_PASS: ${{ secrets.JARSIGNER_REL_STOREPASS }}
+
+    steps:
+    - uses: actions/checkout@v3
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
+
+
+    - name: Decode base64-encoded JKS
+      run: |
+       echo "$env:JKS_B64" | Out-File -FilePath encoded.b64 -Encoding ASCII
+       certutil -decode encoded.b64 mykeystore.jks
+       Remove-Item encoded.b64
+
+    - name: Convert JKS to PFX
+      shell: pwsh
+      run: |
+       & "${env:JAVA_HOME}\bin\keytool.exe" -importkeystore `
+            -srckeystore mykeystore.jks `
+            -srcstorepass $env:JKS_PASS `
+            -srcalias $env:ALIAS `
+            -destkeystore cert.pfx `
+            -deststoretype PKCS12 `
+            -deststorepass $env:PFX_PASS
+
+    - name: Sign Windows Executable
+      run: |
+       & "C:\Program Files (x86)\Windows Kits\10\bin\10.0.17763.0\x86\signtool.exe" sign `
+            /f cert.pfx `
+            /p $env:PFX_PASS `
+            /tr http://timestamp.digicert.com `
+            /td sha256 `
+            /fd sha256 `
+            releng/espressif-ide.exe
diff --git a/releng/espressif-ide.exe b/releng/espressif-ide.exe