Microsoft Code Signing Certificate Usage guide http://www.wotrust.com/support/signcode_guide.htm
signature importance : http://www.wotrust.com/FAQ/whySigning.htm
China Digital authentication Network http://www.ca365.com/
SSL Open Forum» software code signing http://www.openssl.com.cn/forum-22-1.html
http://www.cnblogs.com/babyt/
One of the digital signatures for a control: Package the control as a Web publishing package
I made a webrtf control, mostly encapsulating the RichTextBox control, adding some methods, such as printing, to implement the ability to display RTF documents on the Web.
Compiled into Webrtf.ocx, tested successfully in VB, in order to be able to use on the web, we need to do two work
One is to package it as an Internet release package
The second is to digitally sign the package
I take a step-by-step picture to explain, if you are familiar with the first part, you can skip to the second part directly
The picture is quite clear, I only add a little description where necessary.
Part I: Package a control as a release package
Find the location of your original project
In order to package file integrity, it is recommended to set all files to "include in this cab", that is, this package contains all the dependent files
Preventing file loss causes the control to not function properly
OK, the first part is finished, the above red label is the location of packaged files,
Note that there is also an HTM file next to this package file, which can be used to refer to a specific Web application.
<OBJECT ID="myDoc"
CLASSID="clsid:753c5d11-7e87-4c54-b4e7-548f1251d7ba"
CODEBASE="webrtf.cab#version=1,0,0,7">
</OBJECT>
The following begins with the second part, digital signature and publication
To digitally sign a control: Generate a certificate file
To prepare the toolkit, Microsoft's IE SDK contains these tools,
But the development package is too big, and it's a little cumbersome to operate. You just need to download a few files.
The digital signature Toolkit mentioned in the article, please download here
Http://www.cnblogs.com/Files/babyt/SignTool.rar
First, we're going to make a certificate.
Enter DOS mode in this directory
For ease of operation, it is recommended that you place the toolkit at the root of the disk and that the directory name will be simpler
Enter the following command to generate a certificate named Babyt.cer
makecert /sv "babytok.pvk" /n "cn=facesun.cn,e=babyt-163-com,o= Ron Artest " babyt.cer
The meaning of each parameter, using
MakeCert-?
MakeCert-!
Can get a detailed help, not here to say
In the pop-up window, enter the password to protect your certificate, this password will be used repeatedly, so remember
After input completes the interface will prompt succeeded, in the current directory also generated babyt.cer and babytok.pvk two files
Let's start by signing the previously packaged controls.
Digital signature of a control: digital signature
Double-click the Signcode.exe in the toolkit
The digital signature Toolkit mentioned in the article, please download here
Http://www.cnblogs.com/Files/babyt/SignTool.rar
At this point, the digital signature is complete
Under the DOS window, enter
chktrust.exe E:/myTest/package/webrtf.cab
To test our results.
At this time success, right, this "congratulations" the red Word is I do up, but do not come out of these two words do not feel strange
And finally, it's published.
Copy the two files to the Web directory for testing, and then press Install if the certificate installation prompt appears.
Here is the result of my control's normal display on the web.
What's going on, will you?
-------over------------------
I hope I can help you, and don't waste my hard work.
Al-Tae 20050314
Add:
MakeCert.exe generates a test certificate, which is used only for testing purposes, and must be turned on when using the browser "Initialize and script ActiveX controls that are not marked as secure" and "Download unsigned ActiveX controls", otherwise the browser will block the download of ActiveX and display the " Windows has blocked this software because the publisher could not be verified, click Developer information you will see the prompt "the test root is not trusted due to the current policy setting, and the certificate path terminates".
A friend who needs a CA certificate can go to the http://www.ca365.com/application , is free of charge, the use period is one year, obtains the certificate immediately after the application. Note that the application should choose the correct use of electronic certificates, this way we should choose "Code Signing Certificate"! Also note that after installing the certificate 17 steps should choose typical, it will not be like 22 step in the prompt you want the private key file, or you can not complete the digital signature!!
One of the digital signatures for a control: Package a control as a Web publishing package [go]