Cyberiafreak

"Fortunate are those who take the first steps.” ― Paulo Coelho

How to use the same keyset for strongname signing as well as for manifest and/or Authenticode signing.

Strong name signing requires KeySpec=2 (AT_SIGNATURE). Similar issue was blogged for VS2005  http://blogs.msdn.com/b/andrekl/archive/2008/01/08/strong-name-signing-in-visual-studio-2005-requires-keyspec-2-at-signature.aspx and that still holds true for VS2010. The certificate has KeySpec=1 (AT_EXCHNAGE) and worked around by modifying the certificate to have KeySpeck=1. Steps below helps you to successfully sign the project

1. Using the “Certifiates” MMC export the existing keyset (KeySpec=1) to a PFX file.

2. Delete the existing certificate from the crypto store (using the MMC).

3. Open a CMD prompt.

4. import the PFX file using this command:certutil -importPFX -user <pfxfilename> AT_SIGNATURE

5. Enter the passphrase for the pfx when prompted.

6. You now should have a keyset/Cert with KeySpec=2. If needed you can now export this into another PFX file using the MMC again.

7. Use the new .pfx in the Visual Studio to sign the executable

Advertisements

April 30, 2014 - Posted by | Uncategorized | , ,

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: