Skip to content

Add verification info#2338

Open
flexxxxer wants to merge 1 commit intoHeliBorg:mainfrom
flexxxxer:main
Open

Add verification info#2338
flexxxxer wants to merge 1 commit intoHeliBorg:mainfrom
flexxxxer:main

Conversation

@flexxxxer
Copy link

@flexxxxer flexxxxer commented Mar 4, 2026
edited
Loading

Provides a way to verify obtained checking signing cert hash. Signing cert hash does not provided in that PR, HeliBoard developer needs to provide it on their own.

How to obtain signing cert hash? Simple: using keytool command line tool: keytool -list -v -keystore path/to/keystore.jks (you will be asked to provide password)

  • you need to know keystore location. also if you used multiple keys you get multiple keys info instead of one.
  • you will get output like, and you just need to take what goes after SHA256:
Valid from: <datetime from datetime to>
Certificate fingerprints:
         SHA1: <value>
         SHA256: <another value>
Signature algorithm name: <some signature algorithm name>

keytool usually comes with JDK, in JDK bin folder, see http://stackoverflow.com/questions/5488339/how-can-i-find-and-run-the-keytool

Again, please provide signing key hash on your own using keytool and modifying this PR.

Closes #1852

@flexxxxer
chore: add verification info
0d9663d 
sign cert hash expected to be provided by HeliBoard developer
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Missing way to ensure builds coming from developer (signing key SHA-256 hash not available)

1 participant

@flexxxxer