SignTool with EV Certificate Fails

I spent some time reading about this today. I’m kinda surprised I had not heard about the move to EV certificates; it’s very hard to find any info that isn’t self-serving (i.e. from certificate sellers). The best I could find was the requirement for EV certificates for Windows 10 drivers.

Our certificate isn’t due for renewal till next year, however I get the feeling I’m going to have to buy an EV certificate sooner just to test this out. The more I read about it though, the more I am horrified at what a poor solution it is. The whole manual intervention (typing a password, on the physical machine) and the physical requirement (USB key) make a mockery of the established practice of automated software delivery.

I did find this


which looks to be able to get around the password prompt, however you still need access to the USB key, and that raises issues in a virtualised environment. We use Hyper-V (2012R2 and 2016) and USB passthrough is problematic at best; for some USB keys it just doesn’t work.

So it looks like we are going back to the bad old days of a workstation in the corner that we physically have to walk up to to finish running a build :roll_eyes: