code signing
Windows 2008 R2 ENT CA
Our .net developers asked me to create a code signing cert for their applications, that was the easy part. I am very familiar with users certs and computers certs and deploying them but how do I apply this to an application??
March 27th, 2012 7:41am
Hello,
for security i suggest to ask in
http://social.technet.microsoft.com/Forums/en/winserversecurity/threadsBest regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
March 27th, 2012 7:44am
Besides security, I would also suggest you consider posting this in the code language the application is was developed in. The users within that community will have done this before and should be able to guide you with the exact steps.
--
Paul Bergson
MVP - Directory Services
MCITP: Enterprise Administrator
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, Vista, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com Twitter @pbbergs
http://blogs.dirteam.com/blogs/paulbergson
Please no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.
March 27th, 2012 7:56am
Windows 2008 R2 ENT CA
Our .net developers asked me to create a code signing cert for their applications, that was the easy part. I am very familiar with users certs and computers certs and deploying them but how do I apply this to an application??
Free Windows Admin Tool Kit Click here and download it now
March 27th, 2012 7:58am
Code signing certificates are distributed to users. When necessary, a user may use .NET native tools (classes and methods) or use external tool (say, signcode.exe) to sign the data. In other words, you need to issue code signing certificate to responsible
person (who will perform data signing) and the rest is done via mentioned tools.My weblog: http://en-us.sysadmins.lv
PowerShell PKI Module: http://pspki.codeplex.com
Windows PKI reference:
on TechNet wiki
March 27th, 2012 8:04am
Not being a developer I'm not sure what that means but I will pass it along, thanks.
One other observance I had was that I gave the cert template a 5 year expiration however as I look at mine it is only 2 years. Any ideas?
Free Windows Admin Tool Kit Click here and download it now
March 27th, 2012 8:39am
ok, will do.
One other observance I had was that I gave the cert template a 5 year expiration however as I look at mine it is only 2 years. Any ideas?
March 27th, 2012 9:04am
Your CA is set to default settings and a governor is limiting the validity period of issued certs to 2 years
Run
certutil -setreg CA\ValidityPeriodUnits 5
certutil -setreg CA\ValidityPeriod "Years"
net stop certsvc && net start certsvc
This will increase the max validity period to five years, matching your cert template
Brian
Free Windows Admin Tool Kit Click here and download it now
March 27th, 2012 11:53am