Rob MacFadyen writes:
Ok.. so to automate signcode such that is does not prompt
for a password the steps are as follows:
- Get the keyimprt.exe tool
Note: This is a self extracting exe that expands into another self
extracting exe (named the same), that then extracts to an
installer. The installer then installs 2 files (again the .exe name
is the same)
- Import your .SPC and .PVK using the tool and instructions
from #1. This will ask for your password. Pick the store
explicitly, and pick the “Personal” store.
- Use the “certmgr.exe” tool to view your new key and
determine what it’s common name (cn) is. You can start certmgr.exe
from IE by Tools->Internet Options, then on the “Content” tab
click the “Certificates…” button
- Use signcode.exe as follows (line breaks add for
-cn "Your Cert CN"
Note: If you specify the “YourFileToSign” incorrectly you get a
cryptic message: “One or more input parameters are invalid.”
instead of a more useful “file not found” message (there’s 2 hours
I’ll never get back).
That’s it… you may also want to include the “-info” switch
to add a url that is displayed to the user as “more