CSP library
DigiCert® Software Trust Manager CSP is a library-based client-side tool that implements the Crypto API (CAPI) supported in Windows 2008 and later.
The CSP integrates with Microsoft signing tools that are built with Legacy CSP architecture. The CSP takes a hash-based approach when signing requests that do not require transportation of your files and intellectual property.
What Microsoft signing tools can the CSP integrate with?
The DigiCert® Software Trust Manager CSP integrates with the following Microsoft signing tools while maintaining key protection, permission-based access and reporting all signing activities:
What can the CSP sign?
DigiCert® Software Trust Manager CSP enables secure hash-based signing of Microsoft:
Executables
Installers
Files
Applications
Drivers
Images
Scripts
Download CSP library
Tip
If you have downloaded and installed the Windows Clients Installer, the CSP is already downloaded and registered as part of the installation.
Sign in to DigiCert ONE.
Navigate to DigiCert® Software Trust Manager > Resources > Client tool repository.
Click the download icon next to DigiCert® Software Trust Manager CSP.
Note
Two versions of the CSP exist:
64bit: Recommended
32bit: Download this version if you are running an older operating system with constrained resources that is not able to handle 64bit clients.
Register the CSP
Copy the downloaded CSP to the C:\windows\System32 directory named ssmcsp.dll:
c:\windows\System32\ssmcsp.dll
To register the CSP, open a command prompt in Administrator mode and run:
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\DigiCert Software Trust Manager CSP" reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\DigiCert Software Trust Manager CSP" /v "SigInFile" /t REG_DWORD /d 0 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\DigiCert Software Trust Manager CSP" /v "Type" /t REG_DWORD /d 1 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\DigiCert Software Trust Manager CSP" /v "Image Path" /t REG_SZ /d "ssmcsp.dll
To check if your CSP is successfully registered and ready to use, run:
C:\windows\system32\certutil.exe -csplist
Note
You should see an entry named DigiCert Software Trust Manager CSP in the output.