xodos
asked on
working with signcode ,makecert , etc
dear sir ,
i have a .cab file , i want to sign it ,
i read the msdn library but i couldnt reach the solution
can you please simpify the solution for me ?
i will be grateful
thanks
i have a .cab file , i want to sign it ,
i read the msdn library but i couldnt reach the solution
can you please simpify the solution for me ?
i will be grateful
thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
now it works
i run chktrust mycab.cab
the result is
mycab.cab:succeeded
and it opens the certificate and it was signed
i open the browser and i put the path of the html file which loads the activex control
the browser blocked the control , i allowed it to run , but it said uknown publisher
and it didnt run
i run chktrust mycab.cab
the result is
mycab.cab:succeeded
and it opens the certificate and it was signed
i open the browser and i put the path of the html file which loads the activex control
the browser blocked the control , i allowed it to run , but it said uknown publisher
and it didnt run
Yep the problem is you need a trusted certificate provider like verisign, whose public key is part of IE.
This is what I have found about the timestamp server:
A timestamp server validates the date and time that the cabinet file
was signed. Certificate files may expire. Contact your certificate file
provider (certificate authority, such as, Verisign) for the location of
their timestamp server.
---
You might set your IE security settings to low, or define a trusted zone to make this active x control working.
Using standard security settings and running an homesigned control is a security breach.
Tolomir
ASKER
i have it ,
signcode -v mycert.pvk -spc mycert.spc new.cab -t http://timestamp.verisign.com/scripts/timstamp.dll
i put this code ,
then i run chktrust new.cab
it pops the certificate
if i have a certificate authority server , where would the timestamp server be ?
signcode -v mycert.pvk -spc mycert.spc new.cab -t http://timestamp.verisign.com/scripts/timstamp.dll
i put this code ,
then i run chktrust new.cab
it pops the certificate
if i have a certificate authority server , where would the timestamp server be ?
sorry cannot help you any further, since I've never created such a signature.
But maybe the verisign timestamp server is good enough? Even if you are using a different autority server... give it a try. Good luck.
Tolomir
But maybe the verisign timestamp server is good enough? Even if you are using a different autority server... give it a try. Good luck.
Tolomir
ASKER
i have an authority server on win2k machine
i made a certificate
in this case my authority server is the certificate provider
but how can i use the timestamp ?
thanks