Generate the Authenticode Signing Certificate | Utimaco Integration Guides

To generate a self-signed code signing certificate, follow the below steps:

1. Create a PowerShell script file with name Generate_Authenticode_SelfCert.ps1 at appropriate location and add the following content into the script file.

`Generate_Authenticode_SelfCert.ps1`
`#Define Utimaco Provider` `$UtimacoProviderName = "Utimaco CryptoServer Key Storage Provider"` `#Define Subject Name of the Self Signed Certificate` `$SubjectName = "Authenticode Certificate"` `#Define Friendly Name` `$FriendlyName = "Authenticode_SelfCert"` `#Based on the Key Store (Local Machine or Current user) make appropriate changes in location name parameter #LocationName = "Cert:\LocalMachine\My"` `$LocationName = "Cert:\CurrentUser\My"` `#Container name should match with Keyname parameter in 5.2 section` `$ContainerName = "Authenticode_TestKey"` `#Generate Self Signed Certificate` `New-SelfSignedCertificate -Subject $SubjectName -FriendlyName` $FriendlyName -Type CodeSigningCert -CertStoreLocation ` `$LocationName -Provider $UtimacoProviderName -ExistingKey -Container $ContainerName`

Generate_Authenticode_SelfCert.ps1

#Define Utimaco Provider

$UtimacoProviderName = "Utimaco CryptoServer Key Storage Provider"

#Define Subject Name of the Self Signed Certificate

$SubjectName = "Authenticode Certificate"

#Define Friendly Name

$FriendlyName = "Authenticode_SelfCert"

#Based on the Key Store (Local Machine or Current user) make appropriate changes in location name parameter #LocationName = "Cert:\LocalMachine\My"

$LocationName = "Cert:\CurrentUser\My"

#Container name should match with Keyname parameter in 5.2 section

$ContainerName = "Authenticode_TestKey"

#Generate Self Signed Certificate

New-SelfSignedCertificate -Subject $SubjectName -FriendlyName

$FriendlyName -Type CodeSigningCert -CertStoreLocation `

$LocationName -Provider $UtimacoProviderName -ExistingKey -Container $ContainerName

Launch PowerShell as Administrator, and run Generate_Authenticode_SelfCert.ps1.

`›_ PowerShell`
`> .\Generate_Authenticode_SelfCert.ps1` `PSParentPath: Microsoft.PowerShell.Security\Certificate::CurrentUser\My` `Thumbprint Subject` `---------- -------` `1974F986D9B8BF32F47FC2AF33D6271DD905C44F CN=Authenticode Certificate`

›_ PowerShell

> .\Generate_Authenticode_SelfCert.ps1

PSParentPath: Microsoft.PowerShell.Security\Certificate::CurrentUser\My

Thumbprint Subject

---------- -------

1974F986D9B8BF32F47FC2AF33D6271DD905C44F CN=Authenticode Certificate

If you are using Smartcard Authentication, the prompt will go on the PIN Pad device to insert Smartcard and enter the pin. Then press OK button on the PIN Pad.

The self-signed certificate can be viewed in a PowerShell window, as seen below.

`›_ PowerShell`
`> Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert -Recurse` `PSParentPath: Microsoft.PowerShell.Security\Certificate::CurrentUser\My` `Thumbprint Subject` `---------- -------` `1974F986D9B8BF32F47FC2AF33D6271DD905C44F CN=Authenticode Certificate`

›_ PowerShell

> Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert -Recurse

PSParentPath: Microsoft.PowerShell.Security\Certificate::CurrentUser\My

Thumbprint Subject

---------- -------

1974F986D9B8BF32F47FC2AF33D6271DD905C44F CN=Authenticode Certificate