I’m creating a snap for my software but until now I’ve been using --devmode or --dangerous flag to snap install. Now, I would like to sign it, but I can’t find something like step-by-step or tutorial to do that apart of publishing and pushing my work.
Is it possible to sign a snap without publishing or pushing it to the snap storage? If yes, how can I do that?
Thanks in advance.
No, this is not possible in the way you hope. Specifically even if you signed your .snap file with a local key, your installation of snapd will not trust that key, and therefore won’t remove the requirement to use --dangerous, because it isn’t within of the chain of trust from the public snap store. snapd only trusts signatures from the public store or a brand store.
