OK, got past that hurdle. i was also able to successfully sign a script using SignTool. Just trying to figure out the process to verify the signature, getting this:
SignTool Error: A certificate chain processed, but terminated in a root
certificate which is not trusted by the trust provider.
But if I look at the path, it looks OK.
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise
Architecture and Engineering Services
Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
[email protected]
The Guardian Life Insurance Company of America
www.guardianlife.com
From: Christopher Bodnar <[email protected]>
To: "NT System Admin Issues" <[email protected]>
Date: 04/16/2012 10:40 AM
Subject: Re: code signing certificate ?
Yes, and are great, but I'm not importing directly from the web site like
he was able to. I've got the SPC and PVK files and now need to somehow
import them into the certificate store. That is where I'm stuck. I've just
found this link which seems to be promising:
http://ellisweb.net/2008/08/signing-code-using-pvk-and-spc-files/
But isn't taking the password that I was given by our security guys. I'll
have to check on that.
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise
Architecture and Engineering Services
Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
[email protected]
The Guardian Life Insurance Company of America
www.guardianlife.com
From: Mack Bolan <[email protected]>
To: "NT System Admin Issues"
<[email protected]>
Date: 04/16/2012 10:05 AM
Subject: Re: code signing certificate ?
Have you looked at Webster's instructions yet?
Mack S. Bolan
On Mon, Apr 16, 2012 at 8:58 AM, Christopher Bodnar <
[email protected]> wrote:
OK, the Security team has now provided me the SPC file.
What I'm looking for is how to install the certificate with these 2 files
(SPC, and PVK). According to the information I've found online you should
be able to do this:
pvkimprt -import 1.spc myprivatekey.pvk
Which will them launch a wizard, or you can export directly to the PFX
file by using this:
pvkimprt -PFX 1.spc myprivatekey.pvk ISDCert.pfx
Neither seems to be working for me. I get this error:
Command line option syntax error:
I'm doing this from a W7 machine
Thanks
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise
Architecture and Engineering Services
Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
[email protected]
The Guardian Life Insurance Company of America
www.guardianlife.com
From: Lora Cates <[email protected]>
To: "NT System Admin Issues" <[email protected]
>
Date: 04/16/2012 09:42 AM
Subject: Re: code signing certificate ?
I found this in the NTSys Archives:
http://carlwebster.com/how-to-digitally-sign-a-microsoft-powershell-script-with-a-third-party-code-signing-certificate/
-lc
From: Christopher Bodnar <[email protected]>
To: NT System Admin Issues <[email protected]>
Sent: Monday, April 16, 2012 8:21 AM
Subject: code signing certificate ?
All help is appreciated , have never done this before.
We are going to start signing our scripts. I requested a code signing
certificate from our Security group, we use Verisign. They handle all the
Verisign certificates. They gave me back a *.PVK file. Shouldn't there
also be a *SPC file as well? I've been looking at this for documentation
on how to import the certificate:
http://support.godaddy.com/help/5087
Wanted to verify this first, before I go back to our Security group.
Thanks
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise
Architecture and Engineering Services
Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
[email protected]
The Guardian Life Insurance Company of America
www.guardianlife.com
----------------------------------------- This message, and any
attachments to it, may contain information that is privileged,
confidential, and exempt from disclosure under applicable law. If the
reader of this message is not the intended recipient, you are notified
that any use, dissemination, distribution, copying, or communication of
this message is strictly prohibited. If you have received this message in
error, please notify the sender immediately by return e-mail and delete
the message and any attachments. Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin<<image/jpeg>>
<<image/jpeg>>
<<image/jpeg>>
