Signing the file using Signtool
Note: To sign your sign your code there are lot of GUI mode and text mode tools are available, let us sign our file by using the text mode tool "Signtool" which is distributed freely by Microsoft.
You can download and install the Microsoft SDK which contains the Signtool.exe utility from Here.
Click Here for information on using Microsoft Signtool.exe.
Note: To sign your sign your code there are lot of GUI mode and text mode tools are available, let us sign our file by using the text mode tool "Signtool" which is distributed freely by Microsoft.
You can download and install the Microsoft SDK which contains the Signtool.exe utility from Here.
Click Here for information on using Microsoft Signtool.exe.
- Install the Microsoft SDK and Open the “CMD Shell”.
- Change to the “bin” directory where the “Signtool.exe” file is located.
- Let us take an example of unsigned file “putty.exe”for our signing purpose, the unsigned “putty.exe” file will appear as below.
- We need the “PFX” file and corresponding password to sign the file, if you are not mentioning the “/p” option that takes the PFX File Password as an argument then the Signtool will return an error as below.
Note: The “/f” option takes the PFX file/path as an argument.
- The “/p” option with a PFX file password and successful signing will appear as below.
- The “putty.exe” file after successful signing will appear as below.
- We signed the “putty.exe” file in the above example without the “Timestamp” option, so the properties window of the signed file which is not timestamped will appear as below.
Right click on the “putty.exe” file-->Select “Properties”--> Select “Digital Signature” tab.
- Click on “Details” button for more details.
- Let us sign the file with the timestamp option “/t” which takes the URL of the timestamping server as as argument. Our timestamping server URL is “http://timestamp.comodoca.com/authenticode”.
The successful signing with timestamp option will appear as below.
Note : If you use signcode, you can use this command:
"C:\Program Files\X2Net SignCode\x2netsigncode.exe" -spc "codesigntest.spc" -v "codesigntest.pvk" -pw "comodo" -i www.domainname.com -n "Company Name" -t http://timestamp.comodoca.com/authenticode "putty.exe"
- The resulting properties window of the signed file which is timestamped will appear as below.
- Click on “Details” button for more details.
No comments:
Post a Comment