Choosing Your Certificate
|how-to | home|
To choose a certificate to sign a shares assembly display project properties and select the Signature page:
Click the upper choose button. This will display the system dialog with available certificates:
This dialog displays all certificates in your private store. If the list is empty you have no certificates. Look through the list and find the certificate you would like to use. Remember that this must be a Code Signing certificate with at least 2048 bit key. Click View Certificate to see the details on the selected certificate. Once you make your selection, click OK.
At this point you may get the following error message:
This means you do not have MS Platform SDK utilities installed or Manifest Maker configuration is incorrect. See Files From MS Platform SDK for more details.
After you successfully choose the certificate, the Signature page will display two hexadecimal strings. If you plan to sign the output MSI file, click the lower choose button and select a file signing certificate. The following screenshot shows the same certificate selected for both assembly signature and the MSI file signature. This is not normally done in real applications. The assembly signature is normally a private, self-signed, certificate and the file signature is normally a trusted third party-issued code signing certificate.
These values are used to identify your certificate.
A shared assembly built by Manifest maker has two new files in the assembly directory:
If you double-click the .CAT file Windows will open the standard Security Catalog properties dialog:
The above dialog is an illustration of what happens when your Windows do not trust the source of your digital signature - note the error icon and the error message. This is not a problem, because side-by-side does not use the signature to verify the authenticity of the assembly, only its integrity. See Building Shared Assemblies for discussion of this topic. If you would like to get rid of the error message, tell Windows that you trust this signature. See Managing Your Certificates for information on how to do this.