Steps for signing a .cab file

Article translations Article translations
Article ID: 247257 - View products that this article applies to.
This article was previously published under Q247257
Expand all | Collapse all

SUMMARY

This article describe the steps to sign a cabinet (.cab) file.

MORE INFORMATION

  1. The Microsoft .NET Framework software development kit (SDK) 1.1 includes the Crypto API files that you must have to sign a .cab file. To download the SDK, visit the following Microsoft Web site:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=9B3A2CA6-3647-4070-9F41-A333C6B9181D&displaylang=en
  2. Use the following steps to sign and validate the .cab file:
    1. Type the following at a command prompt to create a private key file, Mycert.pvk.
      makecert -sv "mycert.pvk" -n "CN=My Company" mycert.cer
      The file created in this step, Mycert.cer, is used to create an .spc file. Type the password in the dialog box.
    2. Create an .spc file from the certificate file with the correct password. To do so, type the following line at a command prompt:
      cert2spc mycert.cer mycert.spc
      Note that this step involves creation of a test private key. Alternatively, valid certificates can be created through Microsoft Certificate Server for Intranet use or purchased from external vendors for Internet use.
    3. Use the key information to sign the .cab file:
      signcode -v mycert.pvk -spc mycert.spc new.cab -t [Timestamp server URL]
      For more information about signtool, visit the following Microsoft Developer Network (MSDN) Web site:
      http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/signtool.asp
      Note Specify the timestamp server URL at this step. The timestamp server URL provides a place to enter or edit the location of a timestamp server. A timestamp server validates the date and time that the cabinet file was signed. Certificate files can expire after a certain period of time. Contact your certificate file provider (certificate authority) for the location of their timestamp server.

      Starting with Platform SDK February 2003, signcode.exe has been replaced with signtool.exe.
  3. Follow this procedure to validate a .cab file:
    1. Type the following at a command prompt to run Setreg.exe on the client system with the TRUE value so that the test certificates are recognized:
      setreg -q 1 TRUE
    2. Run Checktrust.exe to ensure that the CAB file is signing correctly:
      chktrust new.cab
    Expected results
    mycab.cab: Succeeded
    						

REFERENCES

More information about .cab files is available in the Microsoft Cabinet SDK. The Cabinet SDK is a collection of tools and documentation that explain how to create a download package consisting of a "cabinet" file that contains all the files to be downloaded. For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
176810 How to manually modify and rebuild CAB files
264570 WebCast available: How does Internet Component download work?

Properties

Article ID: 247257 - Last Review: December 6, 2004 - Revision: 4.0
APPLIES TO
  • Microsoft Internet Explorer 4.0 128-Bit Edition
  • Microsoft Internet Explorer 4.01 Service Pack 2
  • Microsoft Internet Explorer 4.01 Service Pack 1
  • Microsoft Internet Explorer 4.01 Service Pack 2
  • Microsoft Internet Explorer 5.0
  • Microsoft Internet Explorer 5.01
  • Microsoft Internet Explorer 5.5
Keywords: 
kbcodesign kbfaq kbhowto kbinfo KB247257
Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com