How do I sign a click package after building it?

  • I ssh'd into my phone and created a package:

    phablet@ubuntu-phablet:~/Downloads$ click build voipmssmsnotifier/
    Successfully built package in './'.
    phablet@ubuntu-phablet:~/Downloads$ pkcon install-local
    Installing files              [=========================]         
    Finished                      [=========================]         
    Installing files              [=========================]         
    Starting                      [=========================]         
    Finished                      [=========================]         
    Fatal error: /home/phablet/Downloads/ failed to install.
    Cannot install /home/phablet/Downloads/ Signature verification error: debsig: Origin Signature check failed. This deb might not be signed.

    However, shown in the above output, it won't install because the click package is not signed. I don't see anything about it in the docs here.

  • Apparently you can install it via: pkcon install-local --allow-untrusted

    I learned this from the matrix chat:

  • @tahayassen I'm not sure, I will have to search a bit to validate.
    But signed apps are available from the OpenStore, I don't remember doing anything else than allowing developer mode to test my apps.

    Do you use a private/public key to authenticate via SSH ?

    [Edit] You can also use clickable to push the click to your phone, it does all the magic

  • @AppLee I'm actually not using the OpenStore at all but just doing all my development work locally at the moment. I'm not using clickable because my app cannot be cross-compiled. It relies on a rust dbus crate that doesn't allow cross-compiling (see for details).

Log in to reply