Code Signing (Digital Signature) using Signtool Rumi, February 4, 2013 The following command adds the catalog file MyCatalogFileName.cat to the system component and driver database. The /v option generates a unique name if necessary to prevent replacing an existing catalog file named MyCatalogFileName.cat. signtool catdb /v /u MyCatalogFileName.cat The following command signs a file automatically by using the best certificate. signtool sign /a MyFile.exe The following command digitally signs a file by using a certificate stored in a password-protected PFX file. signtool sign /f MyCert.pfx /p MyPassword MyFile.exe The following command digitally signs and time-stamps a file. The certificate used to sign the file is stored in a PFX file. signtool sign /f MyCert.pfx /t http://timestamp.verisign.com/scripts/timstamp.dll MyFile.exe The following command signs a file by using a certificate located in the My store that has a subject name of My Company Certificate. signtool sign /n "My Company Certificate" MyFile.exe The following command signs an ActiveX control and provides information that is displayed by Internet Explorer when the user is prompted to install the control. Signtool sign /f MyCert.pfx /d: "MyControl" /du http://www.example.com/MyControl/info.html MyControl.exe The following command time-stamps a file that has already been digitally signed. signtool timestamp /t http://timestamp.verisign.com/scripts/timstamp.dll MyFile.exe The following command verifies that a file has been signed. signtool verify MyFile.exe The following command verifies a system file that may be signed in a catalog. signtool verify /a SystemFile.dll The following command verifies a system file that is signed in a catalog named MyCatalog.cat. signtool verify /c MyCatalog.cat SystemFile.dll Related PKI Code SignSignTool
Neighbour table overflow February 10, 2012 If you have a big network with the hundreds of hosts you can expect “Neighbour table overflow” error which occurs in large networks when there are two many ARP requests which the server is not able to reply. For example you’re using server as a DHCP server, cable modems provisioning,… Read More
Creating a Certificate Signing Request Using Certreq.exe April 6, 2013 Create a file named CSRParameters.inf on the C:\ drive using the contents below as a template (replace the single quotes with double quotes): [NewRequest] Subject="CN=mailgw.mango.com.bd,OU=IIG,O=Mango Teleservices Limited,S=Not Applicable,L=Dhaka,C=BD" KeySpec=1 KeyLength=2048 Exportable=TRUE MachineKeySet=TRUE SMIME=False PrivateKeyArchive=FALSE UserProtected=FALSE UseExistingKeySet=FALSE ProviderName="Microsoft RSA SChannel Cryptographic Provider" ProviderType=12 RequestType=PKCS10 KeyUsage=0xa0 Silent=TRUE [EnhancedKeyUsageExtension] OID=1.3.6.1.5.5.7.3.1 Open a command… Read More
Convert .p12 bundle to server certificate and key files August 28, 2015February 16, 2024 Seperate Private Key and Certificate file #Generate certificates bundle file openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem #Generate server key file. openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes… Read More