Getting rid of the "Unidentified Publisher" message

From Ben's Writing

Jump to: navigation, search

Introduction

The following assume that you have administrative rights and that you have Visual Studio 2005 at a minimum installed it's "common" tools in your path (i.e. C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\Bin).

For some general information on some of the tools used see:

The ones we use are:

The cheap and dirty way 

makecert -r -pe -sr LocalMachine -ss PatchStore -n "CN=PatchCert" patch.cer

signtool sign /v /s PatchStore /n PatchCert /t \
         http://timestamp.verisign.com/scripts/timestamp.dll patch.exe

certmgr -add patch.cer -s -r LocalMachine Root

signtool verify /v /pa patch.exe

Further comments to come.

The long, tedious and—ultimately—useful way 

makecert -r -sr LocalMachine -ss CondorStore \
         -n "CN=Condor Project Root Certificate Authority" \
         -sv CondorRootCA.pvk -a sha1 -sky signature \
         CondorRootCA.cer          

makecert -sv CondorCodeSigningCA.pvk -iv CondorRootCA.pvk \
         -n "CN=Condor Project Software Code Signing CA" \
         -ic CondorRootCA.cer CondorCodeSigningCA.cer 

pvk2pfx.exe -pvk CondorCodeSigningCA.pvk -spc CondorCodeSigningCA.cer \
            -pfx CondorCodeSigningCA.pfx -po PASSWORD2



signtool sign /f CondorCodeSigningCA.pfx /p PASSWORD2 /v /t \
         http://timestamp.verisign.com/scripts/timestamp.dll patch.exe

certmgr -add CondorRootCA.cer -s -r LocalMachine Root

signtool verify /v /pa patch.exe

Run patch.exe. Vista should detect the publisher of this EXE file as "Condor Project Software Code Signing CA".

Retrieved from "http://ben.versionzero.org/wiki/Getting_rid_of_the_%22Unidentified_Publisher%22_message"
Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox