I've been working on ActiveX technology recently. I used Delphi 7 to create an ActiveX control application with ActiveForm. This control produces one. OCX file. Now, I need to deploy this control on the server side, the user's IE will download, install and display the control when the user browses the Web page and chooses to install the control.
However, after my control must be digitally signed, IE will not download the installation. The problem is how to digitally sign ActiveX controls. The concrete steps are now shared with you.
First I need a digital signature tool. If you do not, you can download the following address:
Http://files.cnblogs.com/babyt/SignTool.rar
The name of the control is custform.ocx. First, we need to create a. The CAB file is used to compress all files that need to be published. The files we need to publish together are custform.lic files. It was built for us by Delphi when we created the control project. If you do not publish this file, even if the download installation of your control is successful, IE will not be able to display it.
In order to be in one. CAB file, we must first create one. INF file. One. INF file can tell IE that it needs to download the files and where to get them.
1. Create. INF file
Create one. INF file is very simple, written in a Notepad program can be. We put our. The INF file is named Gmtestx.inf. Because we're going to be in. The CAB file contains the two files Gmtest.ocx and gmtest.lic, so our. inf file reads as follows:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Version]
Signature= "$CHICAGO $"
dvancedinf=2.0
[Add.Code]
Custform.ocx=custform.ocx
Custform.lic=custform.lic//If you do not select Make Conctrol lincensed when you create an active form, the. lic file is not generated, so you can remove this row when you create an. inf file
[Custform.ocx]
File-win32-x86=thiscab
CLSID={C504DF79-C5EC-4314-AC3E-1F770DB81A01}
fileversion=1,0,0,0
Registerserver=yes
[custform.lic]//If you do not select Make Conctrol lincensed when you create an active form, the. lic file is not generated, so you can remove this row when you create an. inf file
file-win32-x86=thiscab//If you do not select Make Conctrol lincensed when you create an active form, the. lic file is not generated, so you can remove this row when you create an. inf file
fileversion=1,0,0,0//If you do not select Make Conctrol lincensed when you create an active form, the. lic file is not generated, so you can remove this row when you create an. inf file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In this. INF file has two lines of code in the [Version] section. Signature= "$CHICAGO $" means this. INF file is compatible with WINDOWS95 or later versions and Windows NT 4.0 or later. advancedinf=2.0 represents the Advpack.dll version, IE 4.0 or later version must import this file to parse this. INF file. The required version here is 2.0.
As for the [Add.Code] section, which is listed in one. The files in the CAB file that need to be downloaded, and map the details of these files to the corresponding sections thereafter. For example, the information in the [Custform.ocx] section is to download information about the Custform.ocx file.
The first code in the [Custform.ocx] section tells the ie,custform.ocx file to be included in this. cab file. The second line indicates the CLSID number of the control. The third row is the version number of the control. Line four tells IE to register the control using the previous CLSID number. [Custform.lic] Part is not much to say.
2. Create. CAB file
Enter the following code on the command line to add the three files Custform.ocx, Custform.inf, and Custform.lic to a. cab file named Custform.cab:cabarc.exe-s 6144 N Custform.cab Custform.ocx Custform.inf Custform.lic
3. Create a certificate file
At the command line, enter the following command:
MAKECERT-SV custform.pvk-r-N "Cn=sunstar" Custform.cer
4. Convert Certificate
CERT2SPC Custform.cer CUSTFORM.SPC
5. Create another self-signed certificate, called Test.cer
In the command line, enter the following two commands, in turn:
MAKECERT-SV test.pvk-r-N "Cn=sunstar" Test.cer
CERT2SPC Test.cer TEST.SPC
6. Create test.ctl files from Test.cer
Makectl Test.cer Test.ctl
7. Digitally sign test.ctl with CUSTFORM.PVK and CUSTFORM.SPC two documents
Signcode-v CUSTFORM.PVK-SPC CUSTFORM.SPC Test.ctl
8. Move the Test.ctl to the trusted system storage area
Certmgr-add-ctl Test.ctl-s Trust
9. Move the custform.cer to the root system storage area
Certmgr-add-c Gmtestx.cer-s Root
10. Digitally sign custform.cab with TEST.PVK and TEST.SPC
Singcode-v TEST.PVK-SPC TEST.SPC Custform.cab
11. Check whether the file is validated
ChkTrust Custform.cab
If the file passed the digital signature detection, the system will ask whether to install the file, this time must choose the installation, the entire signature process can be completed.
In the process of performing these steps, the user is sometimes required to enter a password. Users can choose any password, such as 12345.