All geek questions in one place

How to code to sign a Visual Studio project

I have a VB.Net Visual Studio 2015 project that creates an exe file for people inside the company. We have never had to enter code before, but when our computers switch to Windows 10, we get warnings and warnings from Windows that the EXE does not trust. The idea was brought to the code mark for the application when it was built.

We are currently using the InstallShield installer for the EXE and its files. I have local test certification and private key / public key. At the moment, however, I do not know how to encode the character. I used the Signature tab in the properties and parameters of the project, but this does not sign the actual EXE. At least SignTool does not consider it signed. And we do not want to use ClickOnce for publishing or deployment.

Do I need to do this through the command line? Or is there a place for Visual Studio to label the code?

EDIT: I know I can just write a script message to add code signing, but I would expect Visual Studio to be able to enable this.

+5
source share
1 answer

I put the following in the "Post-Build Event Command Line" in Visual Studio.

"C: \ Program Files (x86) \ Windows Kits \ 10 \ bin \ 10.0.15063.0 \ x64 \ signtool.exe" sign / v / sha1 {thumbprint} $ (TargetPath)

"C: \ Program Files (x86) \ Windows Kits \ 10 \ bin \ 10.0.15063.0 \ x64 \ signtool.exe" timestamp / tr http://timestamp.comodoca.com/rfc3161 $ (TargetPath)

The fingerprint is in the code signing certificate, use IE to view the certificate, select the fingerprint and remove all spaces. This is for a code signing certificate from Comodo (I purchased from http://ksoftware.net/ - The best pricing and certificate is issued by Comodo)

Note. Your Signtool.exe file location may differ depending on the SDK version and Windows version.

+1
source

Source: https://habr.com/ru/post/1263800/

More articles:


All Articles