Skip to main content

CSP library

DigiCert​​®​​ Software Trust Manager CSP is a library-based client-side tool that implements the Crypto API (CAPI) supported in Windows 2008 and later.

The CSP integrates with Microsoft signing tools that are built with Legacy CSP architecture. The CSP takes a hash-based approach when signing requests that do not require transportation of your files and intellectual property.

What Microsoft signing tools can the CSP integrate with?

The DigiCert​​®​​ Software Trust Manager CSP integrates with the following Microsoft signing tools while maintaining key protection, permission-based access and reporting all signing activities:

What can the CSP sign?

DigiCert​​®​​ Software Trust Manager CSP enables secure hash-based signing of Microsoft:

  • Executables

  • Installers

  • Files

  • Applications

  • Drivers

  • Images

  • Scripts

Download CSP library

Astuce

If you have downloaded and installed the Windows Clients Installer, the CSP is already downloaded and registered as part of the installation.

  1. Sign in to DigiCert ONE.

  2. Navigate to DigiCert​​®​​ Software Trust Manager > Resources > Client tool repository.

  3. Click the download icon next to DigiCert​​®​​ Software Trust Manager CSP.

    Note

    Two versions of the CSP exist:

    • 64bit: Recommended

    • 32bit: Download this version if you are running an older operating system with constrained resources that is not able to handle 64bit clients.

Register the CSP

  1. Copy the downloaded CSP to the C:\windows\System32 directory named ssmcsp.dll: c:\windows\System32\ssmcsp.dll

  2. To register the CSP, open a command prompt in Administrator mode and run:

    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\DigiCert Software Trust Manager CSP"
    
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\DigiCert Software Trust Manager CSP" /v "SigInFile" /t REG_DWORD /d 0
    
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\DigiCert Software Trust Manager CSP" /v "Type" /t REG_DWORD /d 1
    
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\DigiCert Software Trust Manager CSP" /v "Image Path" /t REG_SZ /d "ssmcsp.dll
  3. To check if your CSP is successfully registered and ready to use, run:

    C:\windows\system32\certutil.exe -csplist

    Note

    You should see an entry named DigiCert Software Trust Manager CSP in the output.