Re: How to deploy real cert in packaged .exe (VS 2005, .net cf 2.0 sp2, WM 5.0)

On May 20, 2:59 pm, NET CF Questions <dotnetcfquesti...@xxxxxxxxx>
wrote:
We are developing an application for a Windows Mobile 5.0 device using
VS 2005, .net cf 2.0 and currently when we deploy it to the device for
testing we get the following error;
"The program is from an unknown publisher ...(etc)"

When we go to package this for real use (not test), what are the steps
we need to follow so this warning doesn't appear on the device?

I have seen the instructions here:http://ce4all.blogspot.com/2007/04/siging-windows-mobile-application-...

but is that for the real environment or just the test environment?

What certs and signings do I need to include how (the steps in VS 2005
please) to do this for a real app?

I would like to bump this thread with an added question/issue.

First of all, there are plenty of information on the web and this
forum about certificates and code-signing, but the problem I'm facing
are the following:

1. Why is it so difficult to use chained certificate for code-signing
with WM devices? One of the source I ran across mentions that it's an
issue with WM 5 and 6. Can someone confirm this so that I might get a
more appropriate certificate?

2. How in the world can one sign a CAB file so that the certificate
is also deployed in one step without the "unknown publisher" message
being displayed? Is it a catch-22 situation where the certificate
must be installed before the CAB can be run without the warning?

I must have read at least 20 different sources on this topic and the
solution still eludes me. Why can't WM code-signing be as easy as
it's for normal PC's OS? Are there reasons why the Cert Vendors make
it so difficult or are WM devices not quite ready-for-prime-time for
these processes to be in place?

- Jin
.

Relevant Pages

  • Re: Code signing, trusted publishers, and expiration dates?
    ... While it is certainly possible to create your own self-signed code-signing ... If you have a self-signed certificate you probably have no mechanism for ... our installation program just install our certificate onto their machine's ... trusted publisher store as a way to avoid them receiving what to them ...
    (microsoft.public.platformsdk.security)
  • Re: How to deploy real cert in packaged .exe (VS 2005, .net cf 2.0 sp2, WM 5.0)
    ... certificate already installed on the device. ... or create a cab file specifically to deploy your own ... certificateand have this signed with a Mobile2Market certificate - once ... Why can't WM code-signing be as easy as ...
    (microsoft.public.dotnet.framework.compactframework)
  • Re: IE6 SP1 Certificates not usable
    ... some other purpose (e.g. code-signing)? ... Exactly what do you mean by "can no longer use the certificate .." ... > not show up for usage. ...
    (microsoft.public.security)
  • Re: Alternative timestamp urls for signcode?
    ... > Is there any way to timestamp a cab file not using the VeriSigh ... > signed the cab file with a certificate using singcode.exe and I also ...
    (microsoft.public.platformsdk.security)
  • Re: How to deploy real cert in packaged .exe (VS 2005, .net cf 2.0 sp2, WM 5.0)
    ... visual studio signing authority". ... certificate already installed on the device. ... or create a cab file specifically to deploy your own ... we need to follow so this warning doesn't appear on the device? ...
    (microsoft.public.dotnet.framework.compactframework)