Signing a visualization mod using Package Builder
Spotfire visualization mods are visualizations created using web technologies such as JavaScript or TypeScript, that run in the provided framework within Spotfire clients. Mods can be created and uploaded to a Spotfire library by any user with sufficient privileges. When mods are developed for a particular Spotfire environment, they can be signed by the user account that loads the mod project into Spotfire. However, if you want your mods to be signed in all environments, and possible to distribute to more people, you should use a certificate created by a certificate authority (CA) to sign your mods. You can sign a mod project using the Spotfire Package Builder console by following the steps in this topic.
Before you begin
- You must have a code signing certificate from a trusted CA.
- You must have access to the source code for the mod project you want to sign. See GitHub for instructions on how to develop mods.
- Use the Spotfire Package Builder console version 11.0 or later.
Procedure
Results
Example: Signing or re-signing a .mod file
You can also sign an existing .mod file (exported from the Spotfire client or built using Package Builder):
.\Spotfire.Dxp.PackageBuilder-Console.exe /targettype:mod /sign /target:"D:\Mods\Examples\signedmods\re-signedmod.mod" /localcert:"CurrentUser:TrustedPeople:FindByThumbprint:f3ef5f85dc02480d1a0c4a4949405a06d9d9b5ff"
Read more about trust in the Spotfire environment in the Spotfire Server – Installation and Administration Manual.
See also Examples of building using the Package Builder console.