Dotfuscator User's Guide
Digital Signing Section

The digitalsigning section allows you to specify if and how you want Dotfuscator to perform Authenticode Digital Signing on your output assemblies.

The digitalsigning section is optional. If not present, Authenticode signing will not be applied.

Specifying <pfx> Element

You can specify the PKCS #12 file that was provided to you by your code-signing authority for use in Authenticode signing with a <pfx> element. A <pfx> element contains a <file> sub element which describes the location of the PKCS #12 (.pfx) file containing your code-signing certificate. The <pfx> element also has a password attribute which specifies the password used to unlock the certificate.

<pfx> Element
Copy Code
      <pfx password="secret123">
        <file dir="c:\temp" name="authenticode.pfx" />
      </pfx>

<digitalsigning> Element

To perform Authenticode signing on output assemblies, you can provide a <digitalsigning> element with a <pfx> sub-element.

The disable option is primarily for convenience and troubleshooting purposes. When set, Dotfuscator skips Authenticode signing altogether, regardless of what’s in the rest of the signing section.

The <timestampurl> sub element provides the ability for you to specify the URL of an Authenticode timestamp service. This URL will be accessed during Dotfuscator's signing process, and will provide additional data which will allow your assemblies' Authenticode signatures to remain valid after your code-signing certificate has expired. This element is optional. If omitted, this additional data will not be included, and your assemblies' Authenticode signatures will become invalid once your code-signing certificate expires.

<digitalsigning> Element
Copy Code
  <digitalsigning>
    <!--Skip Authenticode signing, ignoring rest of section-->
    <option>disable</option>
    <!--Specify the certificate to use for Authenticode signing-->
    <pfx password="secret123">
      <file dir="c:\temp" name="authenticode.pfx" />
    </pfx>
    <!--Optionally specify the URL to the timestamp service-->
    <timestampurl>http://timestamp.comodoca.com/authenticode</timestampurl>
  </digitalsigning>

  

See Also

Advanced Topics

 

 


© 2016 PreEmptive Solutions, LLC. All Rights Reserved.

www.preemptive.com