certificate issues c#

Question

We are in a maintainance proect of a large enterprise application. Now we face to a big poblem. The code-singnig certificate for ms.net proect.that we get from the previous company will expire in 20 days. Nobody in our team has the experience related with the certificate issues. We have some problems.

1. we don`t know how to create a valild certificate, should we pay somewhere or can we do it free
2. We don`t know how to integrate our certificates to our build mechanism.
3. Without certificate we are not able to create msi packages .

Any ideas, any recommendation will be great.

Thank you, in advance

Yaya

Answer 1

Check out this..

http://msdn.microsoft.com/en-us/library/ms537361(VS.85).aspx

This explains everything you need to know about digital signatures and digital certificates. Code-signed deployment is a general practice on some mobile platforms like Symbian where in you can not deploy your application without having it signed from a reliable digital certificate vendor or source that is approved by Symbian.

This is rare on PC platforms but it will eventually catch up later. Having your assemblies digitally signed makes it trustworthy on deployment machines.

Answer 2

If this is an internal application only (i.e security is already provided by corporate infrastructure and certificates are needed to make the deployment process happy) then you can use temporary 'self signed' certificates. Visual studio can do this on the publish tab, or you can use makecert:

makecert -r -pe -n "CN=My Organisation" -b 01/01/2000 -e 01/01/2099 -eku 1.3.6.1.5.5.7.3.3 -ss My