如何设置发布者的名称为Windows窗体应用程序 [英] How to set the publisher name for a Windows Forms application
问题描述
我创建了一个 Windows窗体应用程序的设置。在Windows 7中安装此设置后,它会显示这样的:
I have created the setup of a Windows Forms application. After installing this setup in Windows 7, it displays something like this:
Name: my application.exe
Publisher: unknown publisher
Type: application
From: my application.exe
我想设置发布者名称。如何设置发布者的名称?
I want to set the publisher name. How do I set the publisher name?
推荐答案
您需要进行数字签名输出代码。我可以开始你了与文章的 签名和检查代码验证码 的
You need to digitally sign the output code. I can start you off with the article Signing and Checking Code with Authenticode.
这样做的整个目的是为了保证你的代码没有被篡改。如果您从证书颁发机构之一购买一个代码签名证书,则可以防止出现在所有你信任这个窗口。
The whole purpose of this is to guarantee your code has not been tampered with. If you purchase a code signing certificate from one of the certificate authorities, you can prevent the "do you trust this" window from appearing at all.
这不是一个简单的任务来设置的,但它可以通过脚本一旦它起来进行,并去。你不会找到一个简单,快速修复答案。
It's not a simple task to set up, but it can be performed with a script once it's up and going. You won't find a simple, quick-fix answer.
下面是最相关的部分的剪切和粘贴。你可能需要进一步阅读来获得你想要什么
Here's a cut and paste of the most relevant sections. You may need to read further to get exactly what you want.
使用MakeCert测试程序生成测试的 X.509证书的。 MakeCert执行以下任务:
Use the MakeCert test program to generate a test X.509 certificate. MakeCert performs the following tasks:
- 创建一个公共/私有密钥对用于数字签名,并将它与您选择的名称
- 联营密钥对,你选择一个出版商的名称。
- 创建一个 X.509证书的,由测试签字您指定的根密钥或者一,结合你的名字密钥对的公共部分。该证书是输出到文件中,系统证书存储区,或两者兼而有之。
- Creates a public/private key pair for digital signatures and associates it with a name that you choose.
- Associates the key pair with a publisher's name that you choose.
- Creates an X.509 certificate , signed by the test root key or one you specify, that binds your name to the public part of the key pair. The certificate is output to a file, a system certificate store, or both.
下面是创建使用Microsoft Internet浏览器3.02 UPD选择一个证书一个例子:
MakeCert Internet Explorer 3.02 UPD Example
The following is an example that creates a certificate using the Microsoft Internet Explorer 3.02 UPD options:
MakeCert -k:c:\KeyStore\MyKey.pvk -n:CN=MySoftwareCompany Cert.cer
在这个例子中,称为证书文件的 Cert.cer的创建。密钥对的公共部分所谓的的myKey 的绑定到出版商的 MySoftwareCompany 的
In this example, a certificate file called Cert.cer is created. The public part of the key pair called MyKey is bound to the publisher, MySoftwareCompany.
您已经生成的证书后,您可以用Cert2SPC程序中创建的软件发行证书的。这个程序包多的 X.509证书的成的 PKCS#7 的签约数据对象。请注意,此方案仅用于测试目的。一个有效的软件发行证书的是从证书颁发机构获得。
下面是一个例子:
After you have generated a certificate, you can create an software publishing certificate with the Cert2SPC program. This program wraps multiple X.509 certificates into a PKCS #7 signed-data object. Note that this program is for test purposes only. A valid software publishing certificate is obtained from a certificate authority. Here is an example:
Cert2SPC MyCert.cer MyCert.spc
这一个包裹的 X.509证书的 MyCert.cer 的成的 PKCS #7软件发行证书的所谓的 MyCert.spc 的
This wraps an X.509 certificate, MyCert.cer into a PKCS #7 software publishing certificate called MyCert.spc.
最后一步是实际签署文件中使用SignCode程序。这一计划将:
1.文件的创建的加密摘要的。
2.注册摘要与你的私钥。
3.复制的 X.509证书的距离的软件发行证书的进入一个新的 PKCS#7 的签约数据对象。在 PKCS#7的的对象中包含的序列号和用于创建签名时,认证证书的发行者,以及签名摘要信息。
4.嵌入对象到文件中。
5.另外,它可以添加一个时间戳的文件。在签署文件时,时间戳应经常补充。然而,SignCode也有时间戳添加到先前签署的文件受到一些限制(请参阅下面的选项表中的示例)的能力。
The final step is to actually sign a file using the SignCode program. This program will: 1. Create a Cryptographic Digest of the file. 2. Sign the digest with your private key. 3. Copy the X.509 certificates from the software publishing certificate into a new PKCS #7 signed-data object. The PKCS #7 object contains the serial numbers and issuers of the certificates used to create the signature, the certificates, and the signed digest information. 4. Embed the object into the file. 5. Optionally, it can add a time stamp to the file. A time stamp should always be added when signing a file. However, SignCode also has the ability to add a time stamp to a previously signed file subject to some restrictions (see the examples that follow the options table).
一旦文件已经签约(假设你有一个有效的证书)和时间标记,该文件可以被分配给客户。请注意,测试程序和MakeCert产生Cert2SPC证书是无效的签署将被分发给公众代码。独立软件供应商必须获得GTE,VeriSign公司,或其他的权威认证的签署,将分发给公众代码证书。
Once the file has been signed (assuming you have a valid certificate) and time stamped, the file can be distributed to your customers. Note that certificates generated with the test programs MakeCert and Cert2SPC are NOT valid for signing code that will be distributed to the public. Independent software vendors must obtain a certificate from GTE, VeriSign Inc., or another certification authority for signing code that will be distributed to the public.
下面是如何注册和时间戳使用Microsoft Internet浏览器3.02 UPD选项的文件的两个例子。第一个使用私人密钥名称的的myKey 的第二个使用一个专用密钥文件的 My.pvk 的:
Here are two examples of how to sign and time stamp a file using the Microsoft Internet Explorer 3.02 UPD options. The first uses a private-key name MyKey and the second uses a private-key file My.pvk:
SignCode -prog MyControl.exe -spc Cert.spc -pvk MyKey -timeStamper http://timestamp.verisign.com/scripts/timstamp.dll
SignCode -prog MyControl.exe -spc Cert.spc -pvk My.pvk -timeStamper http://timestamp.verisign.com/scripts/timstamp.dll
请注意在上面的网址,timstamp.dll是正确的。这不是一个印刷错误。
Note In the URL above, timstamp.dll is correct. This is not a typographical error.
在这两种情况下的PKCS#7对象,Cert.spc,被嵌入到文件的摘要,MyControl.exe。在第一实施例中,摘要是用的myKey密钥对的私钥签名,并添加一个时间戳。在第二个例子中,摘要与专用密钥文件My.pvk签名,并添加一个时间戳。
In both cases a PKCS #7 object, Cert.spc, is embedded into the digest of the file, MyControl.exe. In the first example, the digest is signed with the private key of the MyKey key pair, and a time stamp is added. In the second example, the digest is signed with the private-key file My.pvk, and a time stamp is added.
这篇关于如何设置发布者的名称为Windows窗体应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
