and, along with help some other resources, managed to get my module signed but it won't load on a system that is not in developer mode.
Certificate for module REST-Alarm-Notification-signed.modl not trusted
I'm wanting to use a self signed module for internal use as described in the docs:
Modules can be signed using either a real code signing certificate obtained from a Certificate Authority or using a self-generated and self-signed certificate. What kind of certificate you use to sign your module depends on the level of assurance you want to offer your end users. If you're building a module for internal use within your company, using a self-signed certificate may not be an issue.
I'm assuming I've missed some important step. Are there some other resources available to help diagnose this and get it working?
If you go to the module page in the configuration section of the gateway and scroll to the bottom is there not an option to install/trust your module? Can you show us some screenshots of what you're seeing?
I see the self signed module warning and allow that but then installation fails.
com.inductiveautomation.ignition.gateway.modules.ModuleVerificationException: module verification failed
at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl.verifyModuleSignatures2(ModuleManagerImpl.java:1617)
at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl.loadModule(ModuleManagerImpl.java:1314)
at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl$2.call(ModuleManagerImpl.java:775)
at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl.executeModuleOperation(ModuleManagerImpl.java:958)
at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl.installModuleInternal(ModuleManagerImpl.java:748)
at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl$InstallCommand.execute(ModuleManagerImpl.java:1917)
at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl$Receiver.receiveCall(ModuleManagerImpl.java:1870)
at com.inductiveautomation.ignition.gateway.redundancy.QueueableMessageReceiver.receiveCall(QueueableMessageReceiver.java:47)
at com.inductiveautomation.ignition.gateway.redundancy.RedundancyManagerImpl.dispatchMessage(RedundancyManagerImpl.java:1030)
at com.inductiveautomation.ignition.gateway.redundancy.RedundancyManagerImpl$ExecuteTask.run(RedundancyManagerImpl.java:1098)
at com.inductiveautomation.ignition.common.execution.impl.BasicExecutionEngine$ThrowableCatchingRunnable.run(BasicExecutionEngine.java:544)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: signature verification failed
at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl.verifyModuleSignatures2(ModuleManagerImpl.java:1609)
... 16 common frames omitted
Looks like a signing issue. The cert generation process is quite complicated. I've used some generic instructions from various sources to do that and I've probably messed that up. Can you direct me to some instructions about how to do this properly so that it will work with Ignition?
I've used the module signing utility as described in the documentation and it succeeds without an error but I have used instructions found in various places to generate the certs and convert them to the required format and I think I have done this incorrectly. What I'm asking for is pointers to some guidance on how to do that correctly. I.e steps 1 & 2 from the docs:
What you'll need:
code signing certificate.
the full certificate chain, in the correct order, in p7b (PKCS7) format.
the IA module signing tool or a tool that is capable of doing the equivalent.