No announcement yet.

Code Signing Certificate

  • Filter
  • Time
  • Show
Clear All
new posts

  • Code Signing Certificate

    So, our programmers need a code signing certificate. Before I go out and buy one, I thought I'd see what I can do in-house, seeing as we have a paid-for root certificate and all.

    It's easy enough to export a pfx from the root cert, and that tests fine for them. But, I don't want them with a private key cert to an app they're writing that will have carte blanche on the domain. So, what I'd like to try is this: Edit the root cert, unchecking all roles except for code signing, and export it like that. Then, immediately re-edit the root cert and put all the roles back. Will that work? I feel like it won't, but I can't say why. And I'm hesitant to try it. We use that root cert for our radius server, among other things, and am not interested in messing it up.

    I can also export a .cer from a public cert. I've looked around for "convert cer to pfx," but that doesn't look like a real thing. There's some how-to's, but I'm not having any luck.

    Yeah, I know, those code signing certs are pretty cheap to buy. How else am I gonna learn, though?

    Anyone have any experience with this? Any input is totally appreciated.


  • #2
    Re: Code Signing Certificate

    Code Signing Certificate use digital signatures to verify identity of the content's creator. code signing is absolutely critical for securing the delivery of content to the consumer.

    As you say code sign certificate is not really costly you can buy it at around $125 per year.