Application not signed

Question

Application not signed

nlsui opened this issue 5 months ago · comments

Bug description

I am using the game-ci/unity-builder@v4 on github workflows with a personal unity license to build my unity project.
The resulting .exe file is not signed and I'm getting warnings that the publisher is unknown.

How to reproduce

This is the part of the workflow

uses: game-ci/unity-builder@v4
id: build
env:
  UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
  UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
  UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
with:
  customImage: unityci/editor:${{ matrix.targetImage }}
  targetPlatform: ${{ matrix.targetPlatform }}
  customParameters: -target ${{ matrix.target }}
  buildMethod: BuildScript.Build

I copied my own personal license as described in the docs in secrets.

These are the relevant logs

User *** logged in successfully
[LicensingClient] Channel doesn't exist: "LicenseClient-root"
[Licensing::Module] Successfully launched the LicensingClient (PId: 38)
[SignatureVerifier] Application signature verification not supported on this platform.
[LicensingClient] Handshaking with LicensingClient: 
	version: 1.10.0-rc.1+0c717dc
	Session Id: de5b4c034b5d443ea0456b8218b49027
	Machine Id: j6bT3DmylWNQWQ6f3fzOYk3+Xlw=
[Licensing::Module] Successfully connected to LicensingClient on channel: "LicenseClient-root" (connect: 1.30s, validation: 0.07s, handshake: 0.00s)
[Licensing::Module] Connected to LicensingClient (PId: 38, launch time: 0.00, total connection time: 1.37s)
Entitlement-based licensing initiated
[LicensingClient] Successfully updated the access token
[Licensing::Module] Successfully updated the access token ObKfcfbLBuQwK6ya8ncHx_jHV21tuQu1qG36R5eqBo8008f
[LicensingClient] Successfully processed license management request
[Licensing::Module] Successfully activated the entitlement license
[LicensingClient] Successfully queried for the EntitlementGroupsDetails
[LicensingClient] Successfully activated ULF license
[Licensing::Module] Serial number assigned to (masked): "***"
[LicensingClient] Successfully resolved entitlements
Pro License: NO

When trying to open the application windows warns me that their is no publisher

Get-AuthenticodeSignature -FilePath .\StandaloneWindows64.exe returns Status:NotSigned as well

Expected behavior

The application should be signed

David Finol · Answer 1 · Thu May 16 2024 06:04:24 GMT+0800 (China Standard Time)

Generally, Unity doesn't sign the .exe, so you would have to sign it yourself.
You could try using this Microsoft SignTool.
But instead of that, it may be better to distribute through a platform like Steam.

Marius Faust · Answer 2 · Fri May 17 2024 16:45:23 GMT+0800 (China Standard Time)

Thanks for your help, I thought the license was needed for signature.

Alexandre D. Roberge · Answer 3 · Tue Sep 10 2024 01:32:55 GMT+0800 (China Standard Time)

Is there no way to integrate the code signing with certificate using GameCI? Users downloading from Itch.io get the same error.

David Finol · Answer 4 · Tue Sep 10 2024 03:31:38 GMT+0800 (China Standard Time)

Code signing is arguably not part of building ("ci"), and arguably more part of distribution ("cd").
The unity-builder action therefore isn't really where the code signing should be done.
To help with distribution, GameCI does provide a Steam deploy action, and Steam will handle code signing for you: https://game.ci/docs/github/deployment/steam/
If you want to use other platforms for distribution, you would need to look into that platforms recommended process.
Unfortunately, it doesn't seem like itch provides a good solution: https://itch.io/jam/7drl-challenge-2021/topic/1245681/code-signing