How do I sign a click package after building it?
I ssh'd into my phone and created a package:
phablet@ubuntu-phablet:~/Downloads$ click build voipmssmsnotifier/ Successfully built package in './voipmssmsnotifier.yourname_1.0.0_armhf.click'. phablet@ubuntu-phablet:~/Downloads$ pkcon install-local voipmssmsnotifier.yourname_1.0.0_armhf.click Installing files [=========================] Finished [=========================] Installing files [=========================] Starting [=========================] Finished [=========================] Fatal error: /home/phablet/Downloads/voipmssmsnotifier.yourname_1.0.0_armhf.click failed to install. Cannot install /home/phablet/Downloads/voipmssmsnotifier.yourname_1.0.0_armhf.click: Signature verification error: debsig: Origin Signature check failed. This deb might not be signed.
However, shown in the above output, it won't install because the click package is not signed. I don't see anything about it in the docs here.
Apparently you can install it via:
pkcon install-local --allow-untrusted something.click
I learned this from the matrix chat:
@tahayassen I'm not sure, I will have to search a bit to validate.
But signed apps are available from the OpenStore, I don't remember doing anything else than allowing developer mode to test my apps.
Do you use a private/public key to authenticate via SSH ?
[Edit] You can also use clickable to push the click to your phone, it does all the magic
@AppLee I'm actually not using the OpenStore at all but just doing all my development work locally at the moment. I'm not using clickable because my app cannot be cross-compiled. It relies on a rust dbus crate that doesn't allow cross-compiling (see https://github.com/diwic/dbus-rs/blob/master/libdbus-sys/cross_compile.md for details).