Codesign failure in AppVeyor Release builds

[alranel]

When building with the Release configuration in AppVeyor, the following error is raised:

SignTool error : No certificates were found that met all the given criteria.
3>C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\V140\Microsoft.CppCommon.targets(133,5): error MSB3073: The command ""C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1A\Bin\signtool.exe" sign /fd sha256 /sha1 e0402d01f6292e55540e018df14130234ec08306 /tr http:https://sha256timestamp.ws.symantec.com/sha256/timestamp /td sha256 C:\projects\cie-middleware\Win32\Release\CIEPKI.dll

[fottavi]

I have been using a code signature certificate issued to IPZS, and I don't think that it's possible to upload it to AppVeyor (both for legal issues and platform limitations).
By now we can skip the code signature step. When we'll reach the first release build we'll solve the problem. I can apply the signature on my PC then I'll upload the signed exe in the repository. Anyway, at the moment it's not critical. Let's just keep the issue open to remind the task

[madduci]

It should be possible by uploading an encrypted version of the codesigning keystore, unlock it at runtime with an environment variable (set in AppVeyor by the repository maintainer) and sign the code.

Example of powershell script doing encryption/decryption: https://gallery.technet.microsoft.com/scriptcenter/PowerShell-Script-410ef9df