YubiKey Code-Signing Setup Help

@daxm0

Hello, I would love to help. I understand your project details. I will follow instructions and keep you updated. I have 5+ years of experience in Windows Desktop. I have completed similar projects. I have a few questions before we get started. Could you please send me a message in the chat? Looking forward to working with you, connect in chat. Talk soon, Dax Manning

@dejanv7

Hi, I’ll help you validate and harden your YubiKey 5C FIPS setup for code signing on Windows, using osslsigncode with ECC keys as you described. I’ve completed multiple end-to-end code-sign workflows for Linux Mint-based environments and Windows VMs, ensuring the private keys stay secure in the FIPS store and that signatures verify cleanly against DigiCert certificates. I’ve helped two clients recover sign-capable keys, reconfigure their code-sign chain, and automate diagnostic checks to confirm both keys can sign binaries. Here’s how I’d handle your project: first, verify the two reachable keys’ functional state, validate certificate binding and sign-ability with osslsigncode (and, if needed, adjust key storage or permissions). Next, set up the Windows VM with the required toolchain (osslsigncode, OpenSSL if needed, and your DigiCert .crt) and configure a repeatable sign-test workflow. Finally, run end-to-end signing tests to confirm both keys can sign the same EXE and generate verifiable digests. I’ll adapt to your pace and work securely via Google Meet as requested. If you want to start now, we can align on a tight, secure pass/fail process and close quickly without milestones.

@Hemantt841

Thank you for considering my proposal for your YubiKey code-signing setup project. I was immediately drawn to your detailed description of your current setup and the specific assistance you need with verifying and setting up code signing on your Windows VM. With over 7 years of experience in software development, I have extensive knowledge in setting up secure code signing processes. Here's how I plan to tackle your project: - Verify current YubiKey setup and fix any issues - Set up code signing on your Windows VM using osslsigncode for ECC encryption - Ensure that both keys can successfully sign code In past projects, I have successfully implemented secure code signing processes for similar setups, ensuring that all executables were signed correctly and securely. To ensure a smooth collaboration, I will follow your guidelines for communication and payment. I am more than willing to run diagnostic commands during the bidding stage to address any concerns you may have about your setup. Before we proceed, could you clarify if there are any specific requirements or preferences you have regarding the code signing process? I want to ensure that the final outcome aligns perfectly with your expectations. Feel free to review my portfolio for relevant work samples. I look forward to potentially working together on this project.

@aimansulaiman

❤️ Hello. I can guide you step by step to verify your Yubikey 5C FIPS setup on Linux Mint, ensure both keys are correctly configured for private key storage, and then help set up code signing on your Windows VM. I am familiar with ECC-based signing workflows and tools like osslsigncode and signtool, and I can help confirm that both keys are fully able to sign your executables. We can work live over Google Meet while you share your screen, and I will provide clear instructions without accessing your keys directly. I will ensure the setup is verified, functional, and secure, so you can sign code with both keys immediately. Thank you for reading. Aiman.

@bjorkb

I have just completed a similar project. I successfully verified Yubikey FIPS devices for secure key storage and set up ECC-based code signing on Windows environments, ensuring smooth integration and signing of executables. You won’t find a specialist better aligned with what you’re looking for. I understand the importance of verifying hardware security tokens and establishing a seamless, secure code signing process across multiple platforms. I specialize in transforming complex business requirements into high-converting, user-centric digital assets. I’d love to chat about your project! The worst that can happen is you walk away with a free consultation. Regards, Bjork Bronkhorst

@venplura

Hi there! Are you planning to use the Windows VM to sign executables directly with osslsigncode or via some wrapper script to handle ECC keys? Regardless, this is definitely something that I feel confident delivering on, given my past experience. I would love to discuss your project further! Looking forward hearing from you. Kind Regards, Corné