最近項目安裝包要搞數字簽名,申請Symantec的證書后,具體簽名方法如下,使用signtool工具
方法如下:
SHA-1 with Timestamp
signtool.exe sign /a /s MY /n "Common name" /fd sha1 /t http://timestamp.verisign.com/scripts/timstamp.dll /v "<file to be signed>"
SHA-256 with RFC 3161 Timestamp
signtool.exe sign /a /s MY /n "Common name" /fd sha256 /tr http://sha256timestamp.ws.symantec.com/sha256/timestamp /v "<file to be signed>"
Note: Replace <password> with the password specified when the PFX file was created (omit /p if there was no password set). Replace <file to be signed> with the name of the file you will be signing.
Note: If you are signing the file by use a certificate stored in a password protected PFX file, simply use the arguments "/f YourCertFileName.pfx /p pfxpassword" instead of "/a /s MY /n "Common name" in the command.
注意:Common name 是已經導入到電腦里證書名