Creating Signed Files and Catalogs
To sign a file and create a catalog for it, you must first have a process for signing files, a certificate, and a public key.
To sign a file and a create a catalog
- Use Pktextract.exe to extract the public key token from the certificate file. The certificate file must be present in the same directory as the utility.
- Use the public key token value to update the publicKeyToken attribute of the assemblyIdentity element in the manifest file.
- Use MT.exe to generate hashes of files contained in the assembly manifest and to create the catalog description file (.cdf).
- Use Makecat.exe with the generated .cdf to create the security catalog for the assembly. This tool is included in the CryptoAPI.
- Use the SignTool utility to sign the catalog generated with the certificate used in step 1. The .cdf from steps 3 and 4 can be deleted once the catalog is created.
See also, Assembly Signing Example.