1. Install the signing tool
After the certificate is issued, you need to use the signing tool to sign the application for Windows, drivers, and Adobe air files. Asia Integrity Digital Signature Tool integrates graphical and command integration, comprehensive functions, simple and easy to use, so it is recommended to use Asia Integrity Digital Signature Tool Signing Code program. The download address of the tool is as follows:
http://www.trustasia.com/solutions/signtools.htm Run the tool after downloading and installing.
2. Certificate format conversion
Since the user receives a PEM code signing certificate, the PEM format needs to be converted to PFX format certificate before the program software can be digitally signed in the digital signature tool.
Certificate conversion It is recommended to use an online certificate format conversion tool (e.g., Asia Integrity Online Format Conversion Tool http://www.trustasia.com/tools-cert-converter or use an openssl tool for local certificate conversion. Note: Since the user did not upload the PEM private key, the "PEM private key password" does not need to be filled in in the Asian integrity certificate format conversion.
3. Certificate import
Take the Asian Integrity Digital Signature tool as an example, select the "Certificate Management" tab and click "Import"
Select the certificate to be imported locally, and fill in the user-defined "keystore password" when the certificate format is converted
After submitting, return to the certificate management interface and click Repair certificate chain in the lower left corner.
4. Set up signature rules
Go to the Signature Rules tab and click Add to set the rules (if you already have a signature rule, you can edit and change it).
In editing rules, there are three main edits: 1) setting the rule name 2) setting the certificate 3) checking the timestamp Formulate a rule name. For easy memorization, set a memorable and distinctive rule name (e.g., naming with the filing year) Set up certificates. Depending on the signature authentication algorithm category of the certificate, select Import certificate. Checking the timestamp timestamp service avoids the need to resign and republish the code signing certificate after it expires.
Click OK to complete the signature rule settings
5. Certificate signing
In the Digital Signature tab, drag the document you want to sign into the text box or click "Add File" to load the signed file, and click "Digital Signature".
Signature rules are selected from the rules that have been added. The signing scheme is selected based on the nature of the certificate.
Certificate options:
1. If you have SHA1+SHA2 dual certificates, select the "Dual Signature" scheme.
2. Only SHA256 certificates, select the "SHA256" signature scheme.
3. Several other signature schemes are used in special situations according to specific needs. Users can choose between application mode or drive mode depending on the nature of the program they have developed. The driver development selects the drive mode, and the other choose the application mode.
After selecting the signing mode, the program code is signed.
| 
Posted on 3/9/2018 1:45:14 PM
|
|
|
|
Posted on 3/9/2018 4:38:13 PM