Code Signing (Digital Signature) using Signtool Rumi, February 4, 2013 The following command adds the catalog file MyCatalogFileName.cat to the system component and driver database. The /v option generates a unique name if necessary to prevent replacing an existing catalog file named MyCatalogFileName.cat. signtool catdb /v /u MyCatalogFileName.cat The following command signs a file automatically by using the best certificate. signtool sign /a MyFile.exe The following command digitally signs a file by using a certificate stored in a password-protected PFX file. signtool sign /f MyCert.pfx /p MyPassword MyFile.exe The following command digitally signs and time-stamps a file. The certificate used to sign the file is stored in a PFX file. signtool sign /f MyCert.pfx /t http://timestamp.verisign.com/scripts/timstamp.dll MyFile.exe The following command signs a file by using a certificate located in the My store that has a subject name of My Company Certificate. signtool sign /n "My Company Certificate" MyFile.exe The following command signs an ActiveX control and provides information that is displayed by Internet Explorer when the user is prompted to install the control. Signtool sign /f MyCert.pfx /d: "MyControl" /du http://www.example.com/MyControl/info.html MyControl.exe The following command time-stamps a file that has already been digitally signed. signtool timestamp /t http://timestamp.verisign.com/scripts/timstamp.dll MyFile.exe The following command verifies that a file has been signed. signtool verify MyFile.exe The following command verifies a system file that may be signed in a catalog. signtool verify /a SystemFile.dll The following command verifies a system file that is signed in a catalog named MyCatalog.cat. signtool verify /c MyCatalog.cat SystemFile.dll Related PKI Code SignSignTool
EJBCA Custom OID DN and altName oids April 16, 2012 EJBCA supports custom (your own) OIDs in DN components. In order to add such a DN you can simply call the DN for example: CN=MyCommonName,1.1.1.1=MyCustomOid,C=SE Where 1.1.1.1 is your custom OID. Custom OIDs are always encoded as UTF8String in the DN. To get support for custom OIDs in the Admin… Read More
Difference between CP and CPS March 23, 2011 Definitions, Acronyms and Abbreviations Certificate Policy (CP) – a document listing the rules to be abided by when issuing and managing Certificates. Certificate Practice Statement (CPS) – lists the procedures to be followed when issuing and managing Certificates. Certificate Policy (CP) A Certificate Policy [ 4 ] describes the rules… Read More
Convert .p12 and install in apache server October 18, 2013 If you have a pkcs12 file (from IIS for example) and if you need to install the certificate on an Openssl-compatible product such as Apache, you will have to extract the content of the pkcs12 to get several files. First of all, create a global file (package): openssl pkcs12 -in… Read More