Digitally sign a CAB file

Source: Internet
Author: User

Digitally sign a CAB file
The legendary digital signature can be downloaded without prompting, so try it:
There are three gadgets in the middle of \microsoft Visual Studio. NET 2003\sdk\v1.1\bin that you can use to implement digital signatures.
1. Makecert.exe---Certificate Creation tool
2. Cert2Spc.exe---Issuer Certificate testing tool
3. Signcode.exe---File Signing tool

Steps:
1) makecert-ss name-n "cn= company name"-sv D:\pos.pvk-r d:\pos.cer sk-represents the key container location of the subject, ss-the subject's certificate store name, N-Certificate-issued object, R-Certificate storage location,-SV Export the private key file (for signature use). Note: This time will allow input three times password, three times to be completely consistent.
2) Use CERT2SPC to generate SPC Publisher certificate (optional): CERT2SPC d:\pos.cer C:\POS.SPC
3) Double-click Signcode to start the Signature wizard without a number of parameters. First select to sign the file, Next, select "Own definition", Next, select "Select from File", add the newly generated Pos.cer certificate, next, select the private key pos.pvk, then next, can SPC certificate, and then the next step. Add a timestamp, fill in the timestamp with http://timestamp.verisign.com/scripts/timstamp.dll Testcab.cab, and then complete the next step.

The CAB file is signed, but this time clicking on the file will reveal that the certificate is not available because the certificate is not turned on. Specific information such as digital certificate, file Properties-〉 View Certificate-〉 Install certificate, go to install Certificate Wizard, store area Select trusted Root certification authority, click Finish.

In the client test:
1) Add certificate, browser-〉 tool-〉internet option-〉 content-〉 certificate-〉 Trusted Authority-〉 import certificate.
2) in the case of a certificate, assume that the server does not increase the "trusted URLs", prompting the download will show the certificate signed content, no certificate is prompted to "unknown."
3) Assuming that the server has added "trusted URLs" and has imported the certificate, it will not be prompted to download any information regardless of the user's feeling. If you do not add a "trusted URL", the control can download normally but still not work properly, regardless of whether it is signed or not.

Iv. questions:
1. Whether or not to join the "trusted URLs".
2. The role of a digital signature, the difference between an authorization certificate and an unauthorized certificate.

Digitally sign a CAB file

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.