我已经创建了我通过COM,我需要一个证书来签署露出一个DLL。
I have created a DLL that I am exposing via COM that I need to sign with a certificate.
我创建了一个Visual Studio 2008的项目,它有一个类库包含代码为我的ActiveX对象。然后,我创建了一个使用它的ASP页:
I have created a Visual Studio 2008 project and it has a class library which contains the code for my ActiveX object. I then created an ASP page that is using it:
<script type="text/javascript"> var x = new ActiveXObject("Foo.Bar"); x.SomeMethod(); </script>
我跑了现场,而且正在一堆安全错误。我跑regasm / TLB /代码库foo.dll并安装了这种方式。我也改变了一堆在IE我的安全设置,以允许我运行未签名的ActiveX控件和一切工作正常。
I ran the site and was getting a bunch of errors with security. I ran regasm /tlb /codebase foo.dll and installed it this way. I also changed a bunch of my security settings in IE to allow me to run unsigned ActiveX controls and everything worked fine.
现在我需要在一个CAB文件打包这件事和证书签名,这样我就不必碰的安全设置(所以用户不必这样做以及)。
Now I need to package this up in a CAB file and sign it with a Certificate so that I don't have to touch security settings (and so users don't have to do this as well).
有人可以让我知道如何做到这一点?我甚至不知道从哪里开始。我创建了一个自签名证书使用makecert.exe工具,但我不知道如何将证书绑到DLL或如何在CAB包所有和使用,在网站上。
Can someone let me know how to do this? I'm not even sure where to begin. I created a self signed certificate with the makecert.exe tool but I"m not sure how to tie the certificate to the DLL or how to package it all up in a CAB and use that in the website.
推荐答案微软如何去这样做一个体面的白皮书/教程:
Microsoft has a decent whitepaper/tutorial on how to go about doing this:
MSDN文章
下面是长期和短期的它:签上你的代码
Here is the long and short of it: To sign your code
申请从证书颁发机构的证书。请参见 msdn.microsoft /workshop/security/authcode/certs.asp 上获取证书的说明。
获取签署文件,并检查签名的最新工具。请参见 msdn.microsoft /library/default.asp?URL=/library/psdk/crypto/cryptotools_4739.htm 。
Get the latest tools for signing files and checking signatures. See msdn.microsoft/library/default.asp?URL=/library/psdk/crypto/cryptotools_4739.htm.
准备您的文件签署。如果您在签署任何.EXE,.OCX,.VBD或.dll文件,你不需要做什么特别的事情。如果您在签署.cab文件,必须将以下条目添加到您的.ddf文件和翻拍您的.cab文件:
Prepare your files to be signed. If you are signing any .exe, .ocx, .vbd or .dll file, you do not need to do anything special. If you are signing a .cab file, you must add the following entry to your .ddf file and remake your .cab file:
。设置ReservePerCabinetSize = 6144
.Set ReservePerCabinetSize=6144
登录使用signcode.exe文件。以下是如何可能签署一个文件的例子:
Sign your files using signcode.exe. The following is an example of how you might sign a file:
Signcode -prog mYfILEname的-name显示名称-info的 www.mycompany-inc-10 - SPC mycredentials.spc -pvk myprivatekey.pvk
Signcode -prog myfilename -name displayname -info www.mycompany-inc-10 - spc mycredentials.spc -pvk myprivatekey.pvk
测试您的签名:
- 要测试一个签名的名为.exe,.dll的.vbd或.ocx文件,运行ChkTrust将文件名,其中filename是您签署的文件的名称。
- 要测试一个签名的.cab文件,运行ChkTrust将-c cabfilename.cab ,其中cabfilename是你签的.cab文件的名称。
更多推荐
如何使用证书签署一个ActiveX DLL
发布评论