|Knowledgebase Home | Glossary | Favorites | Login|
|Signing .exe/.cab/.dll using signtool|
Before you can get started, you'll need a code-signing certificate and associated private key. You can buy one from a commercial Certification Authority (CA) such as Mango CA.
To do the actual code signing, you can use the Sign Tool (signtool.exe) command-line utility that Microsoft bundles in the Windows SDK. You can download the SDK for Windows 7 and .NET Framework 4 from the Microsoft Download Center.
The following command adds the catalog file MyCatalogFileName.cat to the system component and driver database. The /v option generates a unique name if necessary to prevent replacing an existing catalog file named MyCatalogFileName.cat.
signtool catdb /v /u MyCatalogFileName.cat
The following command signs a file automatically by using the best certificate.
signtool sign /a MyFile.exe
The following command digitally signs a file by using a certificate stored in a password-protected PFX file.Unknown Object
signtool sign /f MyCert.pfx /p MyPassword MyFile.exe
The following command digitally signs and time-stamps a file. The certificate used to sign the file is stored in a PFX file.
signtool sign /f MyCert.pfx /t http://timestamp.verisign.com/scripts/timstamp.dll MyFile.exe
The following command signs a file by using a certificate located in the My store that has a subject name of My Company Certificate.
signtool sign /n "My Company Certificate" MyFile.exe
The following command signs an ActiveX control and provides information that is displayed by Internet Explorer when the user is prompted to install the control.
Signtool sign /f MyCert.pfx /d: "MyControl" /du http://www.example.com/MyControl/info.html MyControl.exe
The following command time-stamps a file that has already been digitally signed.
signtool timestamp /t http://timestamp.verisign.com/scripts/timstamp.dll MyFile.exe
The following command verifies that a file has been signed.
signtool verify MyFile.exe
The following command verifies a system file that may be signed in a catalog.
signtool verify /a SystemFile.dll
The following command verifies a system file that is signed in a catalog named MyCatalog.cat.
signtool verify /c MyCatalog.cat SystemFile.dll
|No related articles were found.|
|No attachments were found.|
Powered by Mango Certifying Authority