This article explains an introduction on how to use a Code Signing Certificate (also known as a Software Publishing Certificate) which can be used to digitally sign software.
IT Services provides free Code Signing Certificates via the InCommon Certificate Service. Code signing certificates (also known as Software Publishing Certificates) can be used to digitally sign software executables and scripts. The digital signature can help users of the signed software to confirm that the software is genuine by authenticating the source of the software (i.e. who published it) and verifying the integrity of the content (i.e. the code hasn't been modified since signed).
Uses of Code Signing Certificates include:
Once you have received a Code Signing Certificate via email you can immediately begin signing and distributing your software. The typical process for signing code includes using a utility program (such as signcode.exe, codesign, or signtool) that does the following (at minimum):
The specific method for doing so varies according to what software and environment you are using and is outside the scope of this document; however here are some links to useful starting points to learn more:
The digital signature for your software can be valid beyond the lifetime of your Code Signing Certificate if you use timestamping. This service is provided by Comodo at the URL http://timestamp.comodoca.com/authenticode. For more information please see: Comodo Knowledge Base: "Timestamping"
|Keywords:||Authenticode csc ca x.509 signature cert certificates x509 "code signing" "software publish" "certificate authority" incommon comodo tls pki||Doc ID:||19495|
|Owner:||James C.||Group:||University of Chicago|
|Created:||2011-08-02 18:00 CST||Updated:||2013-11-12 11:33 CST|
|Sites:||University of Chicago|
|Feedback:||2 0 Comment Suggest a new document|