Step 8: Authenticode Signature (UAC)

Step Eight: Authenticode Sign Your Application

The application now contains an application manifest, which will be detected when the application launches. The executable can, however, be tampered with. To prevent this, you should sign the application with an Authenticode signature.

Note

Windows Vista® will have the ability to prevent any unsigned application from launching with a full administrator access token. If you want your application to operate correctly in locked-down environments, while displaying a more user-friendly user interface, it should be signed with an Authenticode signature.

To sign the application, you can either generate a certificate with makecert.exe or obtain a code-signing key from one of the commercial certification authorities (CAs), such as VeriSign, Thawte, or a Microsoft CA.

Note

You will need a commercial certificate if you wish your application to be trusted on the target computer of a customer installing your application.

If you use the makecert.exe file to generate your signing key pair, be aware that it only generates a 1024-bit key. Authenticode signatures should have at least a 2048-bit key. The makecert.exe file should only be used for testing purposes.

The following procedure details the high-level requirements for using makecert.exe to generate your signing key pair. An example and makecert.exe parameters follow this procedure.

To use makecert.exe to generate your signing key pair

  1. Generate the certificate.

  2. Sign the code.

  3. Install the test certificate.

Example Signing Procedure

The following procedures are provided as examples and are not intended to be strictly followed. For example, replace the test certificate's name with your certificate's name and ensure that you tailor the procedures to map to your specific CA and development environment.

Step 1: Generate the Certificate

makecert -r -pe -ss PrivateCertStore -n "CN=Contoso.com(Test)" ContosoTest.cer

makecert.exe parameters

Parameter              Description
/r                     Create self-signed certificate
/pe                    Makes the certificate's private key exportable to the signing machine.
/ss StoreName          The certificate store name that will store the test certificate. Example: PrivateCertStore
/n X500Name            The certificate subject's X500 name. Example: Contoso.com(Test)
CertificateName.cer    Certificate name. Example: ContosoTest.cer

Step 2: Sign the Code

Important

Applying a timestamp while signing your application will ensure that the application will continue to run after the validity period of the original certificate.

signtool sign /v /s PrivateCertStore /n "Contoso.com(Test)" /t https://timestamp.verisign.com/scripts/timestamp.dll file.exe

Step 3: Install the Test Certificate

To install the test certificate

  1. Launch an elevated command window by right-clicking Command Prompt and selecting Run as administrator.

  2. In Command Prompt, type mmc.exe and press Enter.

  3. In MMC, select File and then select Add/Remove Snap-in…

  4. In Add or Remove Snap-ins, select Certificates, click Add, and then click OK.

  5. In the Certificates snap-in dialog box, select Computer account and click Next.

  6. In Select Computer, select Local Computer, and then click OK.

  7. In Add or Remove Snap-ins, click OK.

  8. In the Certificates snap-in, navigate to Trusted Root Certificate Authorities, right-click Certificates, select All Tasks, and then select Import…

  9. In the Certificate Import Wizard, import the test certificate, ContosoTest.cer.
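
Once the file is signed and the test certificate is installed, the result can be checked from PowerShell against the points raised above: a valid signature, a signing key of at least 2048 bits, and a timestamp. This is an added example, not part of the original procedure; the function name Test-SignedBinary and its parameters are hypothetical, and file.exe is the file signed in Step 2.

```powershell
# Added example: post-signing check for the points this page calls out.
# Test-SignedBinary and its parameters are hypothetical names.
function Test-SignedBinary {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        [int] $MinRsaKeyBits = 2048   # minimum key size stated on this page
    )

    $problems = New-Object System.Collections.Generic.List[string]
    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    # 'Valid' requires that the file hash matches the signature and that the
    # signer chains to a root trusted on this computer. Anything else is a
    # failure, e.g. HashMismatch (file changed after signing) or NotSigned.
    if ($sig.Status -ne 'Valid') {
        $problems.Add("Signature status is $($sig.Status): $($sig.StatusMessage)")
    }

    $cert = $sig.SignerCertificate
    if ($cert) {
        # GetRSAPublicKey returns $null for non-RSA keys, which skips the size check.
        $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
        if ($rsa -and $rsa.KeySize -lt $MinRsaKeyBits) {
            $problems.Add("Signer key is $($rsa.KeySize)-bit RSA; expected at least $MinRsaKeyBits")
        }
        # Heuristic: subject equal to issuer indicates a self-signed (test) certificate.
        if ($cert.Subject -eq $cert.Issuer) {
            $problems.Add("Signer certificate is self-signed (test only): $($cert.Subject)")
        }
    }

    # A timestamp lets the signature outlive the certificate's validity period.
    if ($sig.Status -ne 'NotSigned' -and -not $sig.TimeStamperCertificate) {
        $problems.Add('No timestamp countersignature found')
    }

    [pscustomobject]@{
        Path     = $Path
        Status   = $sig.Status
        Signer   = if ($cert) { $cert.Subject } else { $null }
        Problems = $problems.ToArray()
        Passed   = ($problems.Count -eq 0)
    }
}

Test-SignedBinary -Path .\file.exe | Format-List
```

A file signed with the makecert.exe test certificate from Step 1 is expected to be reported as self-signed; the check is meant to pass only for a file signed with a commercial certificate.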

For more information about Authenticode signatures, see the MSDN Web site, for example:

See Also

Concepts

Designing UAC Applications for Windows Vista