Before you can sign a program file you need to create a company certificate. The company certificate usually includes general information about the company, such has contact information. For the purpose of this sample, you are just testing, not publishing. So, you will make a very simple test certificate file.
To get a valid Software Publisher Certificate (SPC), you will need to contact a certification autority.
Return to the top of this article.
C:\SIGN\MAKECERT -u:MyKey -n:CN=MySoftwareCompany -k:MYKEY.PVK CERT.CER C:\SIGN\CERT2SPC C:\SIGN\ROOT.CER CERT.CER CERT.SPCNote: The MAKECERT tool is sensitive to the case of the flags. You must use lowercase -u, -n, and -k. The value for the -n flag uses uppercase CN=.
These command assume that you installed the Code Signing Kit in the C:\SIGN directory. If you have not installed the Code Signing Kit, you can find it on the CD-ROM in the \CAB&SIGN directory.
The first command, MAKECERT, creates a test certificate file CERT.CER and an associated private key file MYKEY.PVK. You can replace the MyKey and MySoftwareCompany with values of your own choosing. The private key file MYKEY.PVK holds the MyKey value for this certificate. You can change the name of the test certificate file or the private key file. If you do, you will need to change the parameters to later commands to use your filenames.
The second command, CERT2SPC, creates a Software Publisher Certificate (SPC) from the test certificate file CERT.CER. It uses ROOT.CER for information on the test certification authority. It creates the SPC file CERT.SPC.
You use the private key file MYKEY.PVK and the SPC file CERT.SPC to sign program files. For information on signing program files, see Signing a Program File.
The PVK and SPC files can be used over and over. Creating them in a separate directory facilitates their reuse. In a non-test case, you must guard these two files, since they will digitally sign any program file as coming from you.
Return to the top of this article.