.cab Signing (SP Only)
To provide a more secure method of packaging and delivering applications, Smartphone supports .cab files signed with Authenticode certificates. Certificates are attached to signed .cab files as a certificate chain when the file goes through the signing process.
Note Pocket PC does not check signatures during application, installation, or execution.
To sign a .cab file for use on a device, you must have the following resources:
- A .cab file created by CABWizSP.
- An Authenticode certificate that is already installed on or will be distributed to the device the .cab file is to be installed on.
A .cab file can be signed when it is created by means of Authenticode tools. Authenticode provides a development toolkit with a suite of applications that sign and verify the signature on a .cab file. The Authenticode suite includes the following tools:
- MakeCert, which creates a test X.509 certificate
- SignCode, which signs a file
- ChkTrust, which checks the validity of the file
- CertMgr, which manages certificates, certificate trust lists, and certificate revocation lists
These tools are available on MSDN® under the titles:
- Signing and Checking CABs with Authenticode
- The Code Signing Wizard, which is invoked through the SIGNCODE utility, to sign a file
See Also
Creating Setup .cab Files with CabWizSp (SP Only) | .cab Files | CABWizSP (SP Only)
Last updated on Friday, April 22, 2005
© 2005 Microsoft Corporation. All rights reserved.
Send feedback on this topic to the authors.