Re: Strong-naming / delay-signing with Authenticode cert/key

From: Michel Gallant (MVP) (neutron@istar.ca)
Date: 03/13/03


From: "Michel Gallant (MVP)" <neutron@istar.ca>
Date: Thu, 13 Mar 2003 13:22:16 -0500


pvk is a proprietary private key file, so there is probably no tool
to convert that directly into snk (yet another key wrapper format).

However, once you import your cert/pvk into system-store and
keycontainer (using pvkimprt.exe), you can easily script the key-container
name using CAPICOM via Certificate.PrivateKey.ContainerName which
is a piece of cake ... script away!

Here is a tool which shows all keycontainer names (including ones
not associated with any certificates); the embedded vbs shows typical
usage of CAPICOM for keystore/container usage:
   http://pages.istar.ca/~neutron/KeyContainerTool

 - Michel Gallant
   MVP Security
   JavaScience Consulting
   http://pages.istar.ca/~neutron
   http://www.jensign.com

"Guru Prasad" <gprasad@amberpoint.com> wrote in message
news:uwQWFCz5CHA.2416@TK2MSFTNGP09.phx.gbl...
> I have been trying to use our existing Authenticode cert/key for
> strong-naming/delay-signing our assemblies. With help from MS support, we
> came up with the list of steps detailed later. But the steps somehow don't
> sound very natural and the build integration turns out to be a bit unusual
> too. Anybody out there who tried this before and knows of a better approach?
>
> Here is the list of steps :
>
> 1) Use pvkimprt to import Authenticode cert/key in .spc/.pvk format into a
> container ( randomly-generated ).
> 2) Export public key in .snk format from this container using "sn -pc"
> 3) Use this public key for strong-naming during developer builds ( the
> assemblies would also be marked for delay-signing / verification skipping ).
> 4) Find the name of the container using a command-line tool ( provided by MS
> support ).
> 5) Use this container to resign the assemblies during release builds using
> "sn -Rc"
>
> Is there a way to transform .spc/.pvk files into .snk keypair files? I
> would like to avoid the "container" complexity altogether from the preceding
> list.
>
> Appreciate any help. Thanks in advance.
>
>
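Added example, not part of the original thread and not the code of the KeyContainerTool linked above: a VBScript sketch of the CAPICOM lookup the reply describes, which resolves the key container behind an imported Authenticode certificate and optionally passes it to "sn -Rc" (step 5 of the quoted list). The script name, the subject-substring argument and the choice of the current user's "My" store are assumptions; it requires CAPICOM 2.x to be registered and sn.exe to be on the PATH.

```vbscript
' Added example (hypothetical script name and arguments):
'   cscript //nologo FindContainer.vbs "Subject text" [assembly.dll]
Option Explicit
Const CAPICOM_CURRENT_USER_STORE = 2
Const CAPICOM_STORE_OPEN_READ_ONLY = 0
Const CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME = 1

Dim store, matches, cert, container, hits, sh, rc

If WScript.Arguments.Count < 1 Then
    WScript.Echo "usage: FindContainer.vbs <subject substring> [assembly]"
    WScript.Quit 2
End If

' Assumption: pvkimprt placed the certificate in the current user's "My" store.
Set store = CreateObject("CAPICOM.Store")
store.Open CAPICOM_CURRENT_USER_STORE, "My", CAPICOM_STORE_OPEN_READ_ONLY
Set matches = store.Certificates.Find( _
    CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME, WScript.Arguments(0))

' Report every matching certificate that has an associated private key.
hits = 0
For Each cert In matches
    If cert.HasPrivateKey() Then
        hits = hits + 1
        container = cert.PrivateKey.ContainerName
        WScript.Echo cert.Thumbprint & "  " & cert.SubjectName
        WScript.Echo "  container: " & container
    End If
Next

' Refuse to sign when the match is ambiguous, so a release build
' cannot silently pick up the wrong key.
If hits <> 1 Then
    WScript.Echo "Expected exactly one certificate with a private key, found " & hits
    WScript.Quit 1
End If

' Optional: re-sign the delay-signed assembly with the key in that container.
' sn.exe looks in machine-level containers by default; "sn -m n" switches it
' to user-level containers if the key was imported per user.
If WScript.Arguments.Count > 1 Then
    Set sh = CreateObject("WScript.Shell")
    rc = sh.Run("sn -Rc """ & WScript.Arguments(1) & """ """ & container & """", 1, True)
    WScript.Quit rc
End If
```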