Creating Signed CAB Files for MFC and ATL Controls
If you plan to distribute MFC and ATL controls via the Internet, you should package them as signed Cabinet (CAB) files. Signed files assure a user downloading your control that the code is safe. A CAB file contains a compressed version of your control plus information about how your control is to be installed, for example, which DLLs need to be installed along with the OCX.
The following is information you will need for creating signed CAB files for ActiveX controls:
- Installing the Platform SDK. You can install the tools you need to create and sign CAB files from the Platform SDK. For download information, see Platform Software Development Kit.
During installation, choose to install "Internet Explorer Tools." Both the code signing files and the CAB utilities can be found in the installed Mssdk\Bin directory. (Note that "Mssdk" might be named "Microsoft Platform SDK" by some installations.)
- The MSDN Online Web Workshop. If you have previously used the Internet Client SDK, note that this content has moved to the Web Workshop.
- Authenticode technology and CryptoAPI Tools. You can find information on signing code with Microsoft Authenticode technology in CryptoAPI Tools Reference, located in the Platform SDK documentation (in MSDN Library/Security/Cryptography).
- Microsoft Security Advisor site. See http://www.microsoft.com/security/.
Before you can sign files, you need to get a Software Publisher Certificate. You must apply for your own certificate to a Certification Authority. With the tools in the Mssdk\Bin directory you can create a test certificate for testing purposes, but this certificate cannot be used to sign code for distribution. See step 1 for information about applying for a Software Publisher Certificate.
These are the steps to create a signed CAB file:
- Get a Software Publisher Certificate (you only need to do this once).
- Create the CAB file.
- Sign your files.
- Embed the signed CAB file in a Web page (optional).