Re: Help for ActiveX

From: Yan-Hong Huang[MSFT] (yhhuang_at_online.microsoft.com)
Date: 02/18/04 

Date: Wed, 18 Feb 2004 05:10:20 GMT

Hello Luca,

Thanks for your update. The detailed steps of creating and signing are:

// 1. Make a self-signed certificate called sign.cer.
MakeCert -sv sign.pvk -r -n "CN=THIS IS A TEST OF MAKECTL" sign.cer
// Make an SPC file using Cert2SPC.
Cert2SPC sign.cer sign.spc

// 2. Make another self-signed certificate called test.cer.
MakeCert -sv test.pvk -r -n "CN=THIS IS MY TEST CERT" test.cer
// Make an SPC file using Cert2SPC.
Cert2SPC test.cer test.spc

// 3. Make a test.ctl from test.cer.
MakeCTL test.cer test.ctl

// 4. Sign test.ctl with the sign.pvk and sign.spc made in step 1.
SignCode -v sign.pvk -spc sign.spc test.ctl

// 5. Move test.ctl to the trust system store.
CertMgr -add -ctl test.ctl -s trust

// 6. Move sign.cer to the root system store.
CertMgr -add -c sign.cer -s root

// 7. Sign something (test.exe) with test.pvk, and test.spc.
SignCode -v test.pvk -spc test.spc test.exe

// 8. Since test.cer is in the test.ctl, ChkTrust will succeed.
ChkTrust test.exe

Please refer to this MSDN topic for details:

"Signing and Checking Code with Authenticode"
http://msdn.microsoft.com/workshop/security/authcode/signing.asp?frame=true

"Creating, Viewing, and Managing Certificates"
http://msdn.microsoft.com/library/en-us/security/Security/creating_viewing_a
nd_managing_certificates.asp?frame=true

Hope that helps.

Best regards,
Yanhong Huang
Microsoft Community Support

Get Secure! ¨C www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

Quantcast