Deploy Own Certificate Built in Our Application's Cab

crino

Rate me:

2.85/5 (6 votes)

20 Dec 2005CPOL1 min read

29.1K

113

Deploy own certificate built in our application's cab

Download source files - 120.4 KB

Introduction

In my first article (Sign code), we've created our certificate to install on device and to sign our applications to run them as trusted.
In this article, we'll see how we can deploy our certificate inside our application's cab, so users don't have to install the certificate manually.

Step 1 - Sign the Files

The first step is to sign our .exes, .dlls and the other files of our application. To do this, we can use our RDAs or use the utility signtool.exe:

signtool.exe sign /f MyCert.pfx *.exe *.dll *.cpl  [....and so on]

Step 2 - Include our Certificate in cab

In the first article, we've created _setup.xml which contains our certificate in wap-provisioningdoc format.
So now, we'll create a copy of _setup.xml and we'll rename it to Pre_MyCert.xml.
We'll remove the <?xml version="1.0" encoding="utf-8" ?> and <wap-provisioningdoc> tags.

The result will be:

XML

<characteristic type="CertificateStore">
    <characteristic type="Privileged Execution Trust Authorities">
        <characteristic type="2bd9dd0aadf266f9810a1210a2052144bf2e3f22">
            <parm name="EncodedCertificate" 
	   value="MIIB8jCCAVugAwIBAgIQztL5fI8kyrFE9be6IfYcXTANBgkqhkiG9w0BAQQFADAS
MRAwDgYDVQQDEwdDcmlTb2Z0MCAXDTk5MTIzMTIzMDAwMFoYDzIwOTgxMjMxMjMw
MDAwWjASMRAwDgYDVQQDEwdDcmlTb2Z0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
iQKBgQDSNfTSjNJy4zZKi9wen/9CLt1cwWcYIaIp4xIuDd9VIXy3hBj+FpL11E9d
O7Sa5FXcIo8P9WttLHkd9TS8GXUEJShU+b/JtPDQ3EvpuJcSpo0CEuAI3fr7+LpI
VtfZto+lA8/8Ch7cssZQqPaNClIP2+9DrR5l7t5XvCGLltfrcQIDAQABo0cwRTBD
BgNVHQEEPDA6gBDsxeAuaLF3Ax+fxz0bWdqvoRQwEjEQMA4GA1UEAxMHQ3JpU29m
dIIQztL5fI8kyrFE9be6IfYcXTANBgkqhkiG9w0BAQQFAAOBgQC2Tsg8FhGLhCgT
IxKEErFzZw1bNxrnxAjao3hkA2jtv3jGkejWMnnBODogUPbwnkxRTlmKEjBhFilt
P4c4djE4cDApXpnj26R7eX6PmhPmvJHRJP4JM8WEzq/saWyCBEyfhslSSKCVQeNS
SJZ6//5FFqAJIQZ8DklQpSP6mIG3mw==" />
        </characteristic>
    </characteristic>
</characteristic>
<characteristic type="CertificateStore">
    <characteristic type="SPC">
        <characteristic type="2bd9dd0aadf266f9810a1210a2052144bf2e3f22">
            <parm name="EncodedCertificate" 
	   value="MIIB8jCCAVugAwIBAgIQztL5fI8kyrFE9be6IfYcXTANBgkqhkiG9w0BAQQFADAS
MRAwDgYDVQQDEwdDcmlTb2Z0MCAXDTk5MTIzMTIzMDAwMFoYDzIwOTgxMjMxMjMw
MDAwWjASMRAwDgYDVQQDEwdDcmlTb2Z0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
iQKBgQDSNfTSjNJy4zZKi9wen/9CLt1cwWcYIaIp4xIuDd9VIXy3hBj+FpL11E9d
O7Sa5FXcIo8P9WttLHkd9TS8GXUEJShU+b/JtPDQ3EvpuJcSpo0CEuAI3fr7+LpI
VtfZto+lA8/8Ch7cssZQqPaNClIP2+9DrR5l7t5XvCGLltfrcQIDAQABo0cwRTBD
BgNVHQEEPDA6gBDsxeAuaLF3Ax+fxz0bWdqvoRQwEjEQMA4GA1UEAxMHQ3JpU29m
dIIQztL5fI8kyrFE9be6IfYcXTANBgkqhkiG9w0BAQQFAAOBgQC2Tsg8FhGLhCgT
IxKEErFzZw1bNxrnxAjao3hkA2jtv3jGkejWMnnBODogUPbwnkxRTlmKEjBhFilt
P4c4djE4cDApXpnj26R7eX6PmhPmvJHRJP4JM8WEzq/saWyCBEyfhslSSKCVQeNS
SJZ6//5FFqAJIQZ8DklQpSP6mIG3mw==" />
            <parm name="Role" value="222" />
        </characteristic>
    </characteristic>
</characteristic>

Step 3 - Create the Cab

Ok, now we have the XML file and our signed application's files, so we can build our cab with this simple command line:

CabWiz.exe MyApp.inf /prexml PreXML_MyCert.xml" /err Error_MyApp.log /cpu ARM

This is it! The output will be our cab with our application and our certificate is ready to install on the device.
For more information about .inf file to create cab, check out the MSDN library.

History

20/12/2005 - Initial article

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Written By

crino

Italy

wmdevelopers.blogspot.com
wwww.winmobileapps.com