Generating a Self-Signed Certificate

To generate a self signed code-signing certificate, you can use the makecert.exe program which is part of your Windows SDK program.

Self signed certificates are only practical for testing purposes while you wait for an external CA to sign a certificate for you.

Procedure

  1. Issue the following command to generate your key pair, which is your private key and certificate:
    makecert -sv yourprivatekeyfile.pvk -n "cert name" yourcertfile.cer -b mm/dd/yyyy -e 
    mm/dd/yyyy –r
    See the following table for the description of the above parameters:
    Parameter Description
    -sv yourprivatekeyfile.pvk The name of the file containing the private key.
    -n "cert name" The name that will appear on the certificate and in the certificate store.
    Note: The same IP or host name that was used for the CN when a certificate was generated for the TIBCO MFT Internet Server installation should be used.
    yourcertfile.cer The name of the certificate file.
    -b mm/dd/yyyy The date when the certificate becomes valid.
    -e mm/dd/yyyy The date when the certificate expires.
    –r It indicates that this will be a self-signed certificate.
  2. When you have issued the command, a window will open that will prompt you to enter the password to be used for the private key.
    Note: You must set a password in order for the MFT desktop client customization to complete successfully. Do not select None.
  3. Once you have set the password and clicked OK. Then another window will open for you to enter that password in order to sign the actual certificate file.
    Once you have clicked Ok, you should see a message saying “Succeeded”. See the example below:

  4. Enter the following command youth create the .pfx file that will be used to sign your desktop client manifest files:
    The pvk2pfxt.exe program is part of your Windows SDK program.
    pvk2pfx –pvk yourprivatekeyfile.pvk –spc yourcertfile.cer –pfx yourpfxfile.pfx –po 
    yourpfxpassword
    See the following table for the description of the above parameters:
    Parameter Description
    –pvk yourprivatekeyfile.pvk The private key file that you created in Step 1.
    –spc yourcertfile.cer The certificate file that you created in Step 1.
    –pfx yourpfxfile.pfx The name of the .pfx file that will be created.
    -po yourpfxpassword The password that you want to assign to the .pfx file. You will be prompted for this password when you add the .pfx file to a project in Visual Studio for the first time.
    See the example command below:

    This completes the creation of the self signed code-signing certificate.