All you need to deploy to the GAC is a strong-name signature. Strong-names are used by the .NET runtime to identify an assembly and include a name, version, and digital signature. A strong-name key file (.snk
) can be generated by the strong-name tool (sn.exe
). Once you have a key file you can use the tool to sign an assembly manually or change your project settings to automatically sign the assembly on build.
There is no certificate authority (CA) involved in verifying these digital signatures. Nothing prevents an assembly from being resigned with a different key, it just wouldn't be your key. I would also note that they are non-revocable so you should keep them safe.
You certainly can use the same key for all assemblies you publish.
More on strong-name signing.
Digital signatures (e.g. Authenticode) are a different mechanism that can identify assemblies and have some additional features. They can be used to verify that an assembly hasn't been tampered with and the certificates are revocable by the CA. Makecert.exe
is a developer tool for creating internal certificates for testing.