Time to renew certificates... sigh/deep breath.

Renewed SB (tx Friedrich), did the comms. with Comodo - after a week of to
and got the certificates downloaded - apparently... where are they <G>
Went to Jane's resource and some light dawned.

I'm using Firefox , so I went to Options->Advanced->Certificates, and there
it is, in Certificate Manager.
I clicked 'Backup' (the only relevant option - see attached), and then I got
the (forced) option to save to a '.p12' file (see attached).
Did as directed, so I now have my certificate in 'MEcert.p12'

What now??

This is intended to be used on .NET POS systems, most of which run on the
POS-ready version of XP... a few on Windows7.
Probably best then if I use SHA1; but how?

Can I get some simple steps how to get from my 'p12' file to a '.spc' or a
'.pvk', or whatever?
Clearly I haven't a clue what I'm doing to integrate this 'p12' baby with
SetupBuilder. ...

TIA!

Steve

Hi Steve,

Just rename your .p12 extension into .pfx and you are done. There is no
difference between a .PFX and .P12. Both are PKCS #12 files (Personal
Information Exchange Syntax). Both file extensions (.pfx and .p12) refer to
files that contain PCKS #12 content.

Microsoft does not support the generation of certificates in form of
..spc/.pvk any longer on modern operating systems. You can convert a .pfx to
..spc/.pvk and use it with SignCode.exe, but it is not recommended. Just use
the new .pfx with SignTool.exe.

The default code-signing option is SHA-1, but your new certificate is ready
for SHA-2 (SetupBuilder 8.5 already supports it).

Does this help?

Friedrich

-- Does this help?

Its a start <G>

So I put the .pfx in the appropriate 'slot' in SB, then cleared the contents
of the Credentials and Private Key fields .

But when I try to compile SB I get the attached errors.
Ok, I used SignTool ... and *I* supplied the entries in the fields for Cred.
& PK - ok?

But still error, as attached

Steve Bywaters

The file Location dialog has SignCode, not SignTool....

Steve Bywaters

It's time for dinner! ;-)
I'll have another go tomorrow....

Steve Bywaters

Steve,

> -- Does this help?
>
> Its a start <G>

<g>

The compiler reports a preprocessor error. So you are still using your old
..spc/.pvk in one of your pre-processors in the script (e.g. to code-sign
your own application files). Please change this to your new .pfx, too.

Friedrich