PDA

View Full Version : Code Signing



NewsArchive
03-24-2005, 09:41 AM
[Monday, March 21, 2005 8:28 PM]

Hi all,

I just purchased a CSC from Comodo ( took just 30 min and I had the
certificate...wow ) and I am attempting to include it as part of my SB5
install. On the "Digital Signature" tab it asks for Web URL: and I'm
uncertain what I need to enter in this field. Any help is appreciated.

Secondly, an SDK called the "Internet Client SDK" is referenced in the
Comodo install instructions for testing the signed exe. Anyone know where I
can obtain a copy of this? Specifically looking for chktrust.

Thanks in advance for your assistance.

Lee

NewsArchive
03-24-2005, 09:42 AM
[Monday, March 21, 2005 9:15 PM]

>Hi all,
>
>I just purchased a CSC from Comodo ( took just 30 min and I had the
>certificate...wow ) and I am attempting to include it as part of my SB5
>install. On the "Digital Signature" tab it asks for Web URL: and I'm
>uncertain what I need to enter in this field. Any help is appreciated.
>
>Secondly, an SDK called the "Internet Client SDK" is referenced in the
>Comodo install instructions for testing the signed exe. Anyone know where I
>can obtain a copy of this? Specifically looking for chktrust.
>
>Thanks in advance for your assistance.

Lee,

Friedrich will correct me if I'm wrong, but the SDK is only needed for
signcode.exe. That is included with SB. The URL is the time stamping URL for
whatever CA you're using. InstantSLL documents
http://timestamp.comodoca.com/authenticode as theirs.

--
Best regards,

Mark

NewsArchive
03-24-2005, 09:42 AM
[Tuesday, March 22, 2005 12:10 AM]

Hi Mark,

I understand SB5 does the code signing. What I am wanting to do is use the
utility "ChkTrust" to test the final install for correct notification when
installing "after" SB5 has done its thing.

The URL I am referring to is the first entry field on the tab. I already
have the Time Stamp URL in place.

Thanks for your input.

Lee

NewsArchive
03-24-2005, 09:42 AM
[Tuesday, March 22, 2005 1:36 AM]

>Hi Mark,
>
>I understand SB5 does the code signing. What I am wanting to do is use the
>utility "ChkTrust" to test the final install for correct notification when
>installing "after" SB5 has done its thing.
>
>The URL I am referring to is the first entry field on the tab. I already
>have the Time Stamp URL in place.
>
>Thanks for your input.

Lee,

ChkTrust is part of several MS SDKs. .NET and the ActiveX SDK are two of
them. You might find this useful:
http://msdn.microsoft.com/workshop/security/authcode/signing.asp#ChkTrust

http://msdn.microsoft.com/workshop/security/authcode/signing.asp#ChkTrust

>Mark Geisinger wrote:
>> Lee Hydechuk <leeh@customapps.com> wrote:
>>
>>> Hi all,
>>>
>>> I just purchased a CSC from Comodo ( took just 30 min and I had the
>>> certificate...wow ) and I am attempting to include it as part of my
>>> SB5 install. On the "Digital Signature" tab it asks for Web URL: and
>>> I'm uncertain what I need to enter in this field. Any help is
>>> appreciated.
>>>
>>> Secondly, an SDK called the "Internet Client SDK" is referenced in
>>> the Comodo install instructions for testing the signed exe. Anyone
>>> know where I can obtain a copy of this? Specifically looking for
>>> chktrust.
>>>
>>> Thanks in advance for your assistance.
>>
>> Lee,
>>
>> Friedrich will correct me if I'm wrong, but the SDK is only needed for
>> signcode.exe. That is included with SB. The URL is the time stamping
>> URL for whatever CA you're using. InstantSLL documents
>> http://timestamp.comodoca.com/authenticode as theirs.
>
>

--
Best regards,

Mark

NewsArchive
03-24-2005, 09:43 AM
[Tuesday, March 22, 2005 5:43 AM]

Hi Mark,

The problem I have discovered with MS, they seem to want to bury the small
item you need in 25MB download and don't make it real easy to figure out
which one of those contain the single item you need.

I think I found what I need, though. Thanks for your help.

Lee

NewsArchive
03-24-2005, 09:43 AM
[Tuesday, March 22, 2005 6:48 AM]

>The problem I have discovered with MS, they seem to want to bury the small
>item you need in 25MB download and don't make it real easy to figure out
>which one of those contain the single item you need.

A PITA to the extent that when I was signing distros my version of ChkTrust
was a simple three step process; 1) upload dostro to server, 2) download with
IE and check cert before save, 3) check cert after save. :} I was far too
lazy to install some SDK I didn't otherwise need.

--
Best regards,

Mark

NewsArchive
03-24-2005, 09:44 AM
[Tuesday, March 22, 2005 6:13 PM]

Perfect! Thank you Mark.

Friedrich