Skip to main content

Sign Authenticode files with Visual Studio using KSP library

Visual Studio is an an Integrated Development Environment (IDE) for software development on the Windows platform. It provides a user-friendly interface for writing, compiling, testing, and debugging code. Visual Studio supports multiple programming languages, including C++, C#, Visual Basic, and more.

Follow these instructions to sign with Visual Studio and securely reference your private key stored in DigiCert​​®​​ KeyLocker.

Astuce

Strong name signing is not supported via Visual Studio, refer to Sign strong name assemblies with SignTool.

Prerequisites

Certificate requirements

While Visual Studio allows all publicly trusted certificates, private trust certificates need to meet the following requirements:

  • Key usage

    This parameter defines what the certificate may be used for. Set this parameter to Digital Signature for self-signing certificates.

  • Text extension

    This parameter includes settings for the following extensions:

    Tableau 1. Text extension constraints

    Constraints

    Description

    Extended Key Usage (EKU)

    This extension indicates additional purposes for which the certified public key may be used.

    For self-signing certificates, this parameter should include the extension string "2.5.29.37={text}1.3.6.1.5.5.7.3.3", which indicates that the certificate will be used for code signing.

    Basic constraints

    This extension indicates whether or not the certificate is a Certificate Authority (CA).

    For self-signing certificates, this parameter should include the extension string "2.5.29.19={text}", which indicates that the certificate is an end entity (not a CA).


Configure environment variables

Visual Studio will need to access you private key stored DigiCert​​®​​ KeyLocker to enable signing. To make this possible you need to provide your DigiCert ONE host, API key, and client authentication certificate and password using one of the methods below:

Configure Visual Studio

The Visual studio configuration procedure depends on how you have configured your environment variables in the previous step: