How to sign an ActiveX DLL with a Certificate

Question

I have created a DLL that I am exposing via COM that I need to sign with a certificate.

I have created a Visual Studio 2008 project and it has a class library which

Answer 1

Microsoft has a decent whitepaper/tutorial on how to go about doing this:

MSDN Article

Here is the long and short of it: To sign your code

1. Apply for a certificate from a certificate authority. See http://msdn.microsoft.com/workshop/security/authcode/certs.asp for instructions on obtaining a certificate.

2. Get the latest tools for signing files and checking signatures. See http://msdn.microsoft.com/library/default.asp?URL=/library/psdk/crypto/cryptotools_4739.htm.

3. Prepare your files to be signed. If you are signing any .exe, .ocx, .vbd or .dll file, you do not need to do anything special. If you are signing a .cab file, you must add the following entry to your .ddf file and remake your .cab file:

   .Set ReservePerCabinetSize=6144

4. Sign your files using signcode.exe. The following is an example of how you might sign a file:

   Signcode -prog myfilename -name displayname -info http://www.mycompany-inc-10.com - spc mycredentials.spc -pvk myprivatekey.pvk

5. Test your signature:

   • To test a signed .exe, .dll, .vbd or .ocx file, run chktrust filename where filename is the name of the file you signed.
   • To test a signed .cab file, run chktrust -c cabfilename.cab where cabfilename is the name of the .cab file you signed.