Merge pull request #756 from dotnet/dtivel/update-readme

dotnet · Aug 15, 2024 · d018f75 · d018f75
2 parents 429d24d + 151fc01
commit d018f75
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -46,6 +46,8 @@ You should also use the `filter` parameter with the file list to sign, something
   - Key permissions
     - Cryptographic Operations
       - Sign
+    - Key Management Operations
+      - Get  _(Note:  this is only for the public key not the private key.)_
   - Certificate permissions
     - Certificate Management Operations
       - Get
@@ -70,7 +72,7 @@ The following information is needed for the signing build:
 * `Tenant Id` Azure AD tenant
 * `Client Id` / `Application Id` ServicePrincipal identifier
 * `Key Vault Url` Url to Key Vault. Must be a Premium Sku for EV code signing certificates and all certificates issued after June 2023
-* `Certificate Id` Id of the certificate in Key Vault. 
+* `Certificate Id` Id of the certificate in Key Vault.
 * `Client Secret` for Azure DevOps Pipelines
 * `Subscription Id` for GitHub Actions
 
@@ -81,4 +83,4 @@ Code signing certificates must use the `RSA-HSM` key type to ensure the private
 
 ## Migrating from the legacy code signing service
 
-If you've been using the legacy code signing service, using `SignClient.exe` to upload files for signing, you can use your existing certificate and Key Vault with this new tool. You will need to create a new ServicePrincipal and assign it permissions as described above.
+If you've been using the legacy code signing service, using `SignClient.exe` to upload files for signing, you can use your existing certificate and Key Vault with this new tool. You will need to create a new ServicePrincipal and assign it permissions as described above.