I ONLY have .crt file with me which I purchased from Comodo. No private key or any thing. How can I use this to sign my code and get rid of "publisher unknown" issue in my installer. I have used Inno-Setup for creating the installer too. Code is in C Sharp. I tried to use sign tool and openssl but I don't have any other file than this user.crt file. I just can get .cer format using .crt and thats all. Appreciate any help
Usually, you need sign the application from PC where you are registered Comodo certificate. The private key saved by your browser in the local storage.
You cannot sign files with a public key only.
You need the private key.
If it were possible to sign files with a public key only, anyone could sign malicious content with your public key.
Related
I have just private key available in a plain text file. How to import that into keystore (via keytool or some other tool) without the certificate? Or, is there a way to generate a certificate file w.r.t the given private key file?
I am working on Box service account authentication. I need to store the private key (downloadable from box as a plain text file containing the key) into my keystore via command line utility.
I have tried just putting private key into keystore via keytool. It says "unable to load certificates". I tried to see if we can generate respective certificate from the private key file. No solution. I tried just putting in private key without certificate. Don't know how to do that.
No code required here. Just importing of private key plain file into keystore.
I have created the .pvk and .cer files using the makecert.exe (on commandline) as per - https://msdn.microsoft.com/en-in/library/ff699202.aspx
In my folder the .pvk and .cer files are available. However, when I run the pvk2pfx utility, the .pfx is not created instead I get a prompt for how to use the utility.
Attached is the screenshot of the cmd prompt. I've also tried it at the MSVC bin folder and the behavior is the same.
Kindly help.
makecert and pvk2pfx - Command Screen Shot
You need code sign certificate with private key. Generate request, send it to CA, buy code sign certificate, place certificate into certificate store and use signtool. Specify thumbprint of codesign certificate when using signtool.
More info can be found here.
Documentation on signtool can be found here.
What is the difference between a certificate in a .cer file and one in a .p12 file? Are they just in different formats?
How do I extract the private key and public key from the .p12 file? Can this be done using Java keytool?
Thanks in advance.
You can export from PKCS12 to JKS using Java Keytool.
Please check this link: https://www.tbs-certificates.co.uk/FAQ/en/626.html.
If you want something else. I can provide Java code for getting the certifcate and private key from PKCS12.
What is the utility of .p12 file/certificate? I am not getting any correct definition when searching the internet:
In one site I got "it stores server side certificates along with intermediate certificates and private key in one file. Its mostly used in Windows Machine"
In another site i got "it binds a organizations public key with its name.
My question is whether its public key or private key which is included in the .p12 certificate.
The .p12 contains both the private and the public key, and also information about the owner (name, email address, etc. ) all being certified by a third party. With such certificate, a user can identify himself and authenticate himself to any organization trusting the third party.
You should be able to see the content of the p12 file with
openssl pkcs12 -info -in filename.p12
provided openssl is installed in your system.
I want to export the certificate and private key from one machine to another so I can reuse the provisioning profile.
There's a private key under the certificate in keychain access.
1)I exported the the certificate as certifcate .cer file then I imported that from another machine. However , it's missiong the private key. and xcode on the new machine complaining no valid signing key available for the imported provisioning profile.
2) Next I try to export the certificate and the private key as personal information exhange .p12 format, this time it prompted me to input a password which I did.
3)I imported the .p12 file into the new machine, this time the new machine complaining error, cannot read the contents.
So, what should I do to properly export both the certificate and private key and import them into the new machine.
Hope it may help you
In Keychain, select three items: Your private key, public key and the cert from Apple
CMD+Click to select "export 3 items"
and you will export one .cer file. Then double click to import the file without keying any password to protect so.
or you should import cert first and then import both public and private key.
Make sure you also have the Apple Developer Relations Root CA certificate in your keychain. That is what is used to verify the certificate. See in your keychain access whether it has been paired correctly.
With Xcode 5.0+, this has become very simple.
1. On the computer with the developer credentials,
Goto Xcode->Preferences->Accounts.
Click on the gears to export the profile. Choose a password as it includes all your credentials of apple-developer program.
2. Share the exported file with the new computer.
3. Import the profile in your Xcode->preferences->Accounts.