I'm trying to sign my application with a Thawte Code Signing Certificate.
1. I have purchased a Microsoft® Authenticode® (Multi-Purpose) Code Certificate from Thawte.
2. I received the certificate and save it as a .SPC file:
3. I ran pvk2pfx successfully using the .SPC and original .PVK file to create a .PFX file.
C:\>pvk2pfx -pvk "C:\mycert.pvk" -spc "C:\mycert.spc" -pfx "C:\mycert.pfx"
4. From Visual Studio, I selected Application > Signing > Select from File, which requires a .PFX file.
4a. I select the .PFX file and enter the password.
4b. It returned, "The password is invalid."
I'm unclear if it was appropriate to save the original certificate from Thawte as a .SPC file. I tried entering an incorrect password when creating the .PFX and it failed so I assume it was done correctly.
I'm unable to find the Application > Signing > Select from Store, even though I was able to import it into Certificates - Current User > Personal > Certificates.
I'm not sure where it's going off the rails?
And if possible, I would also like to understand:
1. Do my customers need to re-install the application once I apply this new code signing certificate?
2. Do my customers need to re-install my application when the certificate is renewed next year?
3. Will my application run even if the code signing certificate expires?
Note: Thawte said there was a Microsoft issue and I would need to create a new request next time instead of a renew.