Results 1 to 10 of 42

Thread: Don't order Comodo Certificate from a VISTA machine

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1

    Default Don't order Comodo Certificate from a VISTA machine

    I decided to start a new thread because started to go off topic.

    Code-signing under VISTA has probably been hammered to death elsewhere on this forum, but it bears repeating. Turns out ordering the certificate wrong wasn't all my idea. Take a look at the two screen captures below, the first VISTA, the second XP. Because the machine I used was running VISTA, I was never even given the option to order the certificate the way it should be ordered for SetupBuilder, as an .spc file and a .pvk key. Same website, same browser, different screens. In the XP version, the default should be changed to "In the file" from "In the CSP." In the VISTA version, that line is missing entirely.

    Anyway, Comodo bent over backwards to make it right. They issued credit for the single file certificate and, within minutes, sent me the two-file version. Impressive! For what it's worth, here are my recommendations for getting a Code-Signing Certificate and avoiding the hassles:

    DO order the $200 three-year special from Lindersoft. You'll save yourself the very large headache of not having to renew every year, and enough cash to almost buy SetupBuilder.

    DO change your account name and password if you already have an account with Comodo and you're ordering (or renewing) through Lindersoft.

    DO set up an email box at your domain, i.e., then change your WHOIS email contact address with your Registrar to that email box before you place the order with Lindersoft. Comodo will not issue the certificate to another mailbox.

    DO have your DUNS number ready. If you don't have a Dun & Bradstreet number, plan on faxing documents to Comodo that prove your company is who and where you say it is.

    DON'T order from a VISTA machine. See above. The rocks I'm now throwing at this miserable OS are getting bigger.

    DO make sure you see the radio buttons "In the CSP" and "In the file," then tick "In the file" and enter the name you want on the certificate (such as C:\MyCompany). Go there to collect both the .spc and .pvk file after the transaction.

    DON'T order the certificate in the CSP wrapper. It's useless that way unless you own Visual Studio and the SDK. Before you can even think about exporting the .spc and .pvk files, you need to convert the certificate to a .pfx file. Then, with command-line conversion tools downloaded from Shining Light Productions, to .pem files, then from there . . . you get the idea. Until last Sunday, I didn't even know what a .pem file was! To find out what you're up against, see While entering the .pfx file into SetupBuilder is an option, my guess is you still need the .spc file and your .pvk key.

    DO make copies of both your .spc certificate and your .pvk key file and store them where you can find them. The certificate is no good without the key, and Comodo can't give you another one.

    DO write down the password you assigned to your .pvk key. The key is useless without the password, and that's another thing Comodo can't give you.

    Friedrich, did I miss anything?

    Hal Heindel
    Attached Images Attached Images   
    Last edited by linder; 06-03-2014 at 06:13 AM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts