1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How do I "sign" a program

Discussion in 'Windows 7' started by Mark F, Apr 2, 2010.

  1. Mark F

    Mark F Flightless Bird

    How do I "sign" a file that I have not created.

    The "signature" would only be valid for the specific computer that
    I sign the file on.

    The usage would be that I would get a file from a third party verify
    that I trust the file, then sign the file with my own local signature.

    This way I could get unsigned software and not have to repeatedly
    tell my Windows 7 system that it was OK to run the unsigned software
    as Administrator.
     
  2. Dave-UK

    Dave-UK Flightless Bird

    "Mark F" <mark53916@gmail.com> wrote in message news:q22cr552aseal90p7lema3jp287a43tn98@4ax.com...
    > How do I "sign" a file that I have not created.
    >
    > The "signature" would only be valid for the specific computer that
    > I sign the file on.
    >
    > The usage would be that I would get a file from a third party verify
    > that I trust the file, then sign the file with my own local signature.
    >
    > This way I could get unsigned software and not have to repeatedly
    > tell my Windows 7 system that it was OK to run the unsigned software
    > as Administrator.


    I'm not a programmer but I think the file is signed at creation with a digital
    certificate. It's not something you can do to somebody else's file.
    The software you are trying to run needs to be updated to run with UAC enabled.
     
  3. Joe Morris

    Joe Morris Flightless Bird

    "Mark F" <mark53916@gmail.com> wrote:

    > How do I "sign" a file that I have not created.
    >
    > The "signature" would only be valid for the specific computer that
    > I sign the file on.
    >
    > The usage would be that I would get a file from a third party verify
    > that I trust the file, then sign the file with my own local signature.
    >
    > This way I could get unsigned software and not have to repeatedly
    > tell my Windows 7 system that it was OK to run the unsigned software
    > as Administrator.


    Try looking at the code-signing tools documented on MSDN:

    signtool.exe (don't use the obsolete signcode.exe utility)
    http://msdn.microsoft.com/en-us/library/8s9b9yaz.aspx

    cert2spc.exe
    http://msdn.microsoft.com/en-us/library/f657tk8f.aspx

    makecert.exe (this is the one from .NET 3.5)
    http://msdn.microsoft.com/en-us/library/bfsktky3.aspx

    These utilities will give you the ability to create your own self-signed
    code-signing PKI certificates and use them to sign executables.

    The MSDN documentation for the commands meets Microsoft's usual low
    standards for clarity when read by someone not intimately familiar with the
    subject. You'll probably need to play around with the tools to figure out
    just which of the switches you need; I suggest that once you figure out what
    works you save a text file with the exact command text used so that next
    time you can refer to your notes rather than again flailing around with the
    command line switches.

    Joe Morris
     

Share This Page