Create certificate file and Signing a Cab with cer file

Question

4.00/5 (1 vote)

See more:

hello everybody

i have a cab file and i want to put it in my web page as a OBJECT (contains my activex control)
i have used makecert.exe by this command to generate the MyCert.cer and MyCert_PK.pvk files

C++

makecert -ss MyCertStore MyCert.cer -sv MyCert_PK.pvk

then i have used this command for signing my cab file :

C++

signtool sign /f MyCert.cer  /csp "Microsoft Strong Cryptographic Provider" /kc MyCert_PK.pvk MyFiles.cab

but execution of that was failed and its message is :

SignTool Error: The specified private key does not match the public key of the
selected certificate.

what else i must done befor these steps for signing my cab file ? or what am i doing wrong in this case ?

Posted 3-Jul-12 3:05am

Areff

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Tim Corey · Answer 1 · 2012-07-03T03:23:00

It looks like you have a few issues in your process. The error message you are getting basically means "your SSL cert is messed up". The first issue I see is in your makecert process. You are missing some switches that are required to make a proper cert file. Beyond this, using a local cert like this should only be for testing, and not for your live application. For your live application, you should be using a real cert from GoDaddy, Thawte, or one of the other providers. In the meantime, however, here is a good resource on making your own cert:

http://msdn.microsoft.com/en-us/library/aa140234(v=office.10).aspx[^]

Once you get to the point of using the signtool, I would recommend using the wizard. It is so much better at showing you what you need to do next compared to the command line. Here is a tutorial on how to do that:

http://www.thegeekstuff.com/2010/03/microsoft-digital-signatures/[^]