如何使用证书签署一个ActiveX DLL [英] How to sign an ActiveX DLL with a Certificate

问题描述

我已经创建了我通过COM，我需要一个证书来签署露出一个DLL。

I have created a DLL that I am exposing via COM that I need to sign with a certificate.

我创建了一个Visual Studio 2008的项目，它有一个类库包含代码为我的ActiveX对象。然后，我创建了一个使用它的ASP.net页：

I have created a Visual Studio 2008 project and it has a class library which contains the code for my ActiveX object. I then created an ASP.net page that is using it:

<script type="text/javascript">
    var x = new ActiveXObject("Foo.Bar");

    x.SomeMethod();
</script>

我跑了现场，而且正在一堆安全错误。我跑regasm / TLB /代码库foo.dll并安装了这种方式。我也改变了一堆在IE我的安全设置，以允许我运行未签名的ActiveX控件和一切工作正常。

I ran the site and was getting a bunch of errors with security. I ran regasm /tlb /codebase foo.dll and installed it this way. I also changed a bunch of my security settings in IE to allow me to run unsigned ActiveX controls and everything worked fine.

现在我需要在一个CAB文件打包这件事和证书签名，这样我就不必碰的安全设置（所以用户不必这样做以及）。

Now I need to package this up in a CAB file and sign it with a Certificate so that I don't have to touch security settings (and so users don't have to do this as well).

有人可以让我知道如何做到这一点？我甚至不知道从哪里开始。我创建了一个自签名证书使用makecert.exe工具，但我不知道如何将证书绑到DLL或如何在CAB包所有和使用，在网站上。

Can someone let me know how to do this? I'm not even sure where to begin. I created a self signed certificate with the makecert.exe tool but I"m not sure how to tie the certificate to the DLL or how to package it all up in a CAB and use that in the website.

推荐答案

微软如何去这样做一个体面的白皮书/教程：

Microsoft has a decent whitepaper/tutorial on how to go about doing this:

<一个HREF =htt​​p://msdn.microsoft.com/en-us/library/aa231196%28v=vs.60%29.aspx相对=nofollow> MSDN文章

下面是长期和短期的它：
签上你的代码

Here is the long and short of it: To sign your code

1. 申请从证书颁发机构的证书。请参见 http://msdn.microsoft.com /workshop/security/authcode/certs.asp 上获取证书的说明。

获取签署文件，并检查签名的最新工具。请参见 http://msdn.microsoft.com /library/default.asp?URL=/library/psdk/crypto/cryptotools_4739.htm 。

Get the latest tools for signing files and checking signatures. See http://msdn.microsoft.com/library/default.asp?URL=/library/psdk/crypto/cryptotools_4739.htm.

准备您的文件签署。如果您在签署任何.EXE，.OCX，.VBD或.dll文件，你不需要做什么特别的事情。如果您在签署.cab文件，必须将以下条目添加到您的.ddf文件和翻拍您的.cab文件：

Prepare your files to be signed. If you are signing any .exe, .ocx, .vbd or .dll file, you do not need to do anything special. If you are signing a .cab file, you must add the following entry to your .ddf file and remake your .cab file:

。设置ReservePerCabinetSize = 6144

.Set ReservePerCabinetSize=6144

登录使用signcode.exe文件。以下是如何可能签署一个文件的例子：

Sign your files using signcode.exe. The following is an example of how you might sign a file:

Signcode -prog mYfILEname的-name显示名称-info的 http://www.mycompany-inc-10.com - SPC mycredentials.spc -pvk my​​privatekey.pvk

Signcode -prog myfilename -name displayname -info http://www.mycompany-inc-10.com - spc mycredentials.spc -pvk myprivatekey.pvk

测试您的签名：

• 要测试一个签名的名为.exe，.dll的.vbd或.ocx文件，运行ChkTrust将文件名
  ，其中filename是您签署的文件的名称。


• 要测试一个签名的.cab文件，运行ChkTrust将-c cabfilename.cab
  ，其中cabfilename是你签的.cab文件的名称。

这篇关于如何使用证书签署一个ActiveX DLL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！