The Authenticode File action enables you to automate Authenticode signing of your executable files during your build.
This action requires your Authenticode Signing Certificate to be in a PFX file.
Many CAs provide certificates in two files: an SPC and a PVK. See below for details on converting these to a PFX file.
Creating a PFX File
To make the PFX, you need to use a Microsoft tool called PVKIMPRT. PVKIMPRT is included as part of the Windows Platform SDK, or can be obtained directly at .
Open a Command Prompt, switch to the directory that contains your certificate files and type:
pvkimprt -PFX mycert.spc mykey.pvk
(Replace the mycert and mykey file names where required).
You will be prompted to enter your private key password (if set.) A dialog will appear with the certificate export wizard. Make sure you select 'Yes, export the private key', and 'Include all certificates in the certification path if possible' options. You are then prompted to enter a password: this is the password you will use for code signing with the created PFX (it should be secure.) Finally, you will prompted for a location to save the new PFX file.
Details
Certificate properties
Certificate PFX file
The Personal Information Exchange to use in the signing process for the application.
PFX file password
The password for the Personal Information Exchange file so that the signing can take place.
Signing properties
Description
This field contains the description information which is shown when Windows prompts the user to confirm they want to run the executable (ie the first time a downloaded program is launched, or when a UAC confirmation dialog is shown.)
Description URL
This field contains the URL information which is shown when Windows prompts the user to confirm they want to run the executable (ie the first time a downloaded program is launched, or when a UAC confirmation dialog is shown.)
Timestamp
Timestamp server URL
The URL to the time server to use for timestamps when signing occurs.
Target
File to sign
The path to the file to sign.
License Information
This action includes source code from StreamSec. Its license is reproduced below:
StreamSec LICENSE
Copyright (c) 2004, Henrick Wibell Hellström, StreamSec
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of StreamSec nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS
OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.