Wednesday, August 17, 2011

How to code sign strong named assemblies


I never quite figured how (or if it is at all possible) to use certificates from verisign to strong name assemblies in visual studio.

So now I simply use my normal "home made" keys for strong naming in VS. Then prior to public release I code sign my binaries using signtool.exe located in:
...[Program Files]\Microsoft SDKs\Windows\v7.0A\Bin

like so:
1) from pfx file:
signtool.exe sign /f c:\temp\myCert.pfx /p myPfxPassword /v /t http://timestamp.comodoca.com/authenticode c:\temp\MyAssembly.dll

2) from certificate in certificate store on local machine:

signtool.exe sign /a /v /u "Code Signing" /n myCertificateName /t http://timestamp.comodoca.com/authenticode c:\temp\MyAssembly.dll


-output-
The following certificate was selected:
    Issued to: MyCompany
    Issued by: VeriSign Class 3 Code Signing 2010 CA
    Expires:   Fri Jun 15 00:59:59 2012
    SHA1 hash: A8DE1239366767E63A6AF60F7DECAFE5B4A7AF42


Done Adding Additional Store
Successfully signed and timestamped: c:\temp\MyAssembly.dll



Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0

No comments: