<HTML ><HEAD ><TITLE >Securing Code</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+ "><LINK REL="HOME" TITLE="SSL Certificates HOWTO" HREF="index.html"><LINK REL="UP" TITLE="Using Certificates in Applications" HREF="c244.html"><LINK REL="PREVIOUS" TITLE="Securing Files" HREF="x317.html"><LINK REL="NEXT" TITLE="IPSec" HREF="x341.html"></HEAD ><BODY CLASS="SECT1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >SSL Certificates HOWTO</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="x317.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" >Chapter 3. Using Certificates in Applications</TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="x341.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="AEN330">3.4. Securing Code</H1 ><DIV CLASS="SECT2" ><H2 CLASS="SECT2" ><A NAME="AEN332">3.4.1. Micosoft Code</H2 ><P >You can sign your programs and applet to certify that you are the author of such code. It is important for your customes to trust that nobody has tried to insert a virus or a backdoor inside your code. To authenticate your code you need Microsoft Authenticode SDK. You can get it from the Microsoft web site in the MSDN section.</P ><P >Gernerate a certificate as usual but with a Common Name (CN) like “ACME Software Cert”. Have the certificate signed by the CA and convert it to a pkcs12 format.</P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="PROGRAMLISTING" >CA.pl -newreq CA.pl -sign CA.pl -pkcs12 "ACME Software Cert"</PRE ></FONT ></TD ></TR ></TABLE ><P >You get a file called newcert.p12 that you import in the Certificate store by clicking on the file when in Windows.</P ><P >You can now use this certificate for signing your code</P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="PROGRAMLISTING" >signcode -cn "ACME Software cert" -tr 5 -tw 2 -n "My Application" \ -i http://www.acme.com/myapp/ \ -t http://timestamp.verisign.com/scripts/timstamp.dll myapp.exe</PRE ></FONT ></TD ></TR ></TABLE ><P >When you try to install and run your application a dialog will appears with the title “My Application” and with a link pointed by the -i argument.</P ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="x317.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="x341.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Securing Files</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="c244.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >IPSec</TD ></TR ></TABLE ></DIV ></BODY ></HTML >