Hi!
I'm attempting to get rid of that "Unknown Publisher" message that appears when you run unsigned code on windows, but I'm a bit confused.
What I have:
- a *.cert.pem file. Would this be the same as a spc?
- a *.key.pem file. Would this be the same as a *.key file?
I took them from my apache ssl directory since I already have a certificate for https. Am I able to use the same thing to sign code?
It still shows up as "Unknown Publisher" though, and I'm not even sure that I'm doing it correctly. Would anyone be able to help?
Thanks a lot!
Cheers.
Edit: Perhaps I want to do the following instead?
I'm attempting to get rid of that "Unknown Publisher" message that appears when you run unsigned code on windows, but I'm a bit confused.
What I have:
- a *.cert.pem file. Would this be the same as a spc?
- a *.key.pem file. Would this be the same as a *.key file?
I took them from my apache ssl directory since I already have a certificate for https. Am I able to use the same thing to sign code?
Code:
pvk.exe -topvk -nocrypt -in privkey.key.pem -out out.pvk
makecert.exe -sv out.pvk -n "CN=MyCert" certfile.cer -b <startdate> -e <enddate>
pvk2pfx.exe -pvk out.pvk -spc certfile.cer -pfx PfxFile.pfx -po <password>
signtool.exe sign /f PfxFile.pfx /p <password> <binary exe>
It still shows up as "Unknown Publisher" though, and I'm not even sure that I'm doing it correctly. Would anyone be able to help?
Thanks a lot!
Cheers.
Edit: Perhaps I want to do the following instead?
Code:
pvk.exe -topvk -nocrypt -in privkey.key.pem -out out.pvk
openssl.exe crl2pkcs7 -nocrl -certfile my.cert.pem -outform DER -out my.spc
pvk2pfx.exe -pvk out.pvk -spc my.spc -pfx PfxFile.pfx -po <password>
signtool.exe sign /f PfxFile.pfx /p <password> <binary exe>