我从知名的提供商处购买了一个authenticode证书。
I purchased an authenticode certificate from a well known provider.
现在,我想强烈命名一个程序集,然后对其进行数字签名。
Now I want to strong name an assembly and later on digitally sign it.
这是我到目前为止所做的:
This is what I've done so far:
- 通过运行sn从pfx提取公钥。 exe -p keypair.pfx key.snk
- 在项目属性签名标签上勾选了签署程序集和仅延迟签名复选框。
- 提供key.snk作为使用 签署的密钥文件
- 通过运行sn.exe -tP key.snk 提取的公钥令牌
- 禁用强名称验证我的devbox通过运行sn -Vr *,
- Extracted public key from pfx by running sn.exe -p keypair.pfx key.snk
- Checked both "Sign the assembly" and "Delay sign only" checkboxes on project properties signing tab
- Provided key.snk as keyfile to sign with
- Extracted public key token by running sn.exe -tP key.snk
- Disabled strong name verification on my devbox by running sn -Vr *,
这个想法是禁用团队构建的延迟签名并提供keypair.pfx文件那里。这样,我可以在具有受限访问权限的团队构建服务器上完全签署程序集,但是出于安全原因不在开发程序框中提供私钥。
The idea is to disable delay signing on the team build and provide the keypair.pfx file there. This way, I can fully sign the assembly on the team build server that has restricted access while not providing the private key on the dev boxes for security reasons.
尝试在本地构建程序集,我得到以下错误:
However, when trying to build the assembly locally, I get the following error:
签名时加密失败 assembly'.dll' Bad 提供者版本
Cryptographic failure while signing assembly '.dll' – 'Bad Version of Provider'
有没有人能解决这个问题?
Does anyone have a solution for this?
推荐答案我收到Comodo的回复:
I got a reply from Comodo:
VS2005 / 2008和 authenticationode证书。 (Microsoft 级别)它们不能用于Strong 命名集合。您必须创建您自己的私钥来执行强的名称签名。
There's problem with VS2005/2008 and authenticode certificates. (Microsoft level) They can't be used for Strong Named Assemblies. You have to create your own private key to do the strong name signing.
更多推荐
签名程序集“< assemblyname> .dll”时出现加密失败
发布评论