How do I set the publisher when generating a code signing certificate through Microsoft Certificate Services 2003
https://stackoverflow.com/questions/1407914
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am attempting to sign a ClickOnce manifest using a certificate generated from Certificate Services 2003 (by going to http://cert-server/certsrv, and requesting a code-signing cert from the browser). When I install the application through ClickOnce, the Publisher of the application shows up as my personal name, rather than the name of the company.
For obvious reasons, I would prefer to have a cert issued that is not tied to a specific user, but the corporation. How can I do this through Certificate Services?
Solution
You will need to log into your Certificate Authority and use the Certificate Manager Tool to create a certificate with the desired name. You will first have to create the certificate by using the /add option. At this point, it will only exist in the CA's certificate store. Then, use the /put option so that it will output a X.509 certificate file. You can then take that file and install it on the developer machines (simply by double-clicking the file). The certificate will then exist in the Certificate Store, and thus will be available when you select the certificate you wish to sign with.
Visual Studio will also let you reference the certificate file directly, but leaving your certificate out in plain sight for anyone to use really undermines the "security" aspect of your certificate infrastructure. It seems more convenient but has obvious consequences.
On a side note, at my company we actually like the fact that the primary developer's name appears on the certificate. It conveys accountability and ownership.
