The person in charge of the Certificate authority in our organization is on medical leave so i have been given the following certificate task. lease create a Software Publish Certificate for Software distribution to digitally sign all msi?s and msp built inhouse at Powerdrive. A single certificate is required that can be incorporate into all Powerdrive/msp?s that will identify Powerdrive as the publisher. This will be required to allow management of software with Applocker Rules. The certificate will be required by Aug 24/2012 as part of the move to SCCM 2012 project For any additional info or testing please contact myself. I have done some research into this and have found that i can create a certificate using makecert and then use signtool to digitally sign the msi but they say that makecert should only be used for testing purposes and i should get a thawte cert. I don't think that is true if this is for only for inhouse apps. Could someone point me in the right direction. Excuse me for my lack of knowledge in this area lars

thanks for the info. I notice in a lot of the documentation that you can use makecert to test certs but doesn't say anything about using it for production. But i notice one of the switches is -$ CertificateAuthorite which implies that this can be used for production intranet digital signing. thanks Type of certification authority. CertificateAuthority must be set to either commercial (for certificates to be used by commercial software publishers) or individual (for certificates to be used by individual software publishers) lars

Hi Lars, Thanks for sharing. If we only need to use the certificate within the bounds of our organizational network, and do not need to have the certificate being recognized by those outside of our organization, we can use the MakeCert program, because they do not require a purchase from a CA. Here are some articles for your reference: Acquire a Code Signing Certificate http://technet.microsoft.com/en-us/library/cc732597(v=ws.10).aspx How to: Create Your Own Test Certificate http://msdn.microsoft.com/en-us/library/ff699202.aspx Certificate selection and requirements http://technet.microsoft.com/en-us/library/gg188582 Regards Kevin TechNet Subscriber Support If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.

Hi Lars, Just checking to see how is the troubleshooting going. Please feel free to let us know if you would like further assistance. Regards Kevin TechNet Subscriber Support If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.

Hi Lars, Glad to hear that you found the answer. Thank you for sharing it with us. Regards Kevin TechNet Subscriber Support If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.