Test-Signing a Catalog File

After you create and verify a driver package's catalog file, use SignTool to test-sign the catalog file as described in the following topics:

Using a MakeCert Test Certificate or Commercial Test Certificate to Test-Sign a Driver package's Catalog File

Using an Enterprise CA Test Certificate to Test-Sign a Driver package's Catalog File

Using a MakeCert Test Certificate or Commercial Test Certificate to Test-Sign a Driver Package's Catalog File

Use the following SignTool command to sign a catalog file by using a MakeCert test certificate or a commercial test certificate:


SignTool sign /v /s TestCertStoreName /n TestCertName /t http://timestamp.verisign.com/scripts/timstamp.dll CatalogFileName.cat

Where:

  • The sign command configures SignTool to sign the catalog file that is named CatalogFileName.cat.

  • The /v verbose option configures SignTool to print execution and warning messages.

  • The /s TestCertStoreName option supplies the name of the test certificate store that contains the test certificate named TestCertName.

  • The /n TestCertName option supplies the name of the test certificate that is installed in the certificate store named TestCertStoreName. The test certificate can be either a MakeCert test certificate or a commercial test certificate.

  • The /t http://timestamp.verisign.com/scripts/timstamp.dll option supplies the URL to the publicly-available time-stamp server that VeriSign provides.

  • CatalogFileName.cat is the name of the catalog file.

The following command shows how to use SignTool to test-sign a driver package's catalog file. This example signs the catalog file Tstamd64.cat, which is in the same directory in which the command is run. The test certificate is named "contoso.com(test)," which is installed in the certificate store named "PrivateCertStore."


SignTool sign /v /s PrivateCertStore /n contoso.com(test) /t http://timestamp.verisign.com/scripts/timstamp.dll tstamd64.cat

Using an Enterprise CA Test Certificate to Test-Sign a Driver Package's Catalog File

The following SignTool command assumes that an Enterprise CA issues the test certificate that you use to test-sign a driver package. If the Enterprise CA test certificate is the only test certificate that is present in your certificate stores, you can use the following command where you specify only the /a option and the name of the catalog file. In this situation, SignTool will locate and use your Enterprise CA test certificate by default.

If you have created or obtained other test certificates in addition to an Enterprise CA test certificate, you must use the SignTool options /s and /n to specify the name of the test certificate store and the name of the test certificate that is installed in the test certificate store.


SignTool sign /v /a /t http://timestamp.verisign.com/scripts/timstamp.dll CatalogFileName.cat

 

 

Send comments about this topic to Microsoft

Show:
© 2014 Microsoft