In order to add a digital signature to an executable file, a certificate license is required. However, you can have a “test” certificate license with “makecert.exe” and “Certmgr.exe.” Here are the steps for signing a digital signature during development stage.
- makercert -r -pe -sr localMachine -ss Test -n "CN=Ying-Pin Hung (Floyd) –FuDream Group" testcert.cer
- Certmgr –add testcert.cer -s -r localMachine Root
- signtool.exe Sign /v /s Test /n " Ying-Pin Hung (Floyd) –FuDream Group " application.exe
However, signtool does not provide timestamp function by its own. Therefore, you need to get a timestamp in another step.
- signtool.exe timestamp /v /t “http://timestamp.verisign.com/scripts/timstamp.dll “ application.exe
Be aware of this post, this signature is for development stage. You can get a real signature from CA, such as VeriSign, Inc.
Thanks for posting all the steps to perform this task. I was also trying to implement the same but was facing a lot of difficulty. Now all the things are much more clear after reading this article.
ReplyDeletedigital signature