Josh Mudge
5 years ago
commit
33b2f36db5
8 changed files with 87 additions and 0 deletions
@ -0,0 +1 @@ |
|||||
|
**/git |
After Width: | Height: | Size: 46 KiB |
@ -0,0 +1,86 @@ |
|||||
|
# Purpose |
||||
|
|
||||
|
We're going to be looking at how to get a code-signing certificate, how to sign code with it and use that to create a setup file. This setup file will contain another signed file that will launch a basic web server. The setup file will create a firewall rule for the server so it won't need to prompt the user with a firewall settings prompt. |
||||
|
|
||||
|
# Obtaining a Code Signing Certificate |
||||
|
|
||||
|
Purhcase a code-signing certificate: https://cheapsslsecurity.com/comodo/codesigningcertificate.html |
||||
|
Be aware that you will likely need to create a Dun & Bradstreet listing, depending on the company you order the certificate from: https://www.dandb.com/businessdirectory/products/ (this is free) |
||||
|
The validation process will take 1-3 business days if you have entered all of your business information correctly and give them your D-U-N-S (Dun & Bradstreet) number. After you receive an email containing a link to the certificate, follow these directions in the **exact same** browser as the one you used to request the certificate : https://cheapsslsecurity.com/downloads.aspx?ispdf=true&iscs=true&filenm=Comodo_Code_Signing_Collection_Guide.pdf |
||||
|
|
||||
|
# Signing a File |
||||
|
|
||||
|
[Screenshot] Next, you will need to install Visual Studio with the "Universal Windows App Development Tools" workload. You can click on the list of sub-items and un-select everything except the Windows 10 SDK. You can download Visual Studio here: https://visualstudio.microsoft.com/thank-you-downloading-visual-studio/?sku=Community&rel=16 |
||||
|
|
||||
|
Open a "Developer Command Prompt for VS". |
||||
|
|
||||
|
![](developerprompt.png) |
||||
|
|
||||
|
``` |
||||
|
# Sign a file with your certificate. |
||||
|
SignTool sign /t http://timestamp.comodoca.com /f codesigning.p12 /p <Password> file.exe |
||||
|
``` |
||||
|
|
||||
|
![](signfile.png) |
||||
|
|
||||
|
You should see something like this: |
||||
|
|
||||
|
![](donesigning.png) |
||||
|
|
||||
|
# Creating the Setup File |
||||
|
|
||||
|
I'm using a few different Go tools to allow us to create the web server, a firewall rule and put the server file inside our setup app. |
||||
|
|
||||
|
## Server |
||||
|
|
||||
|
First of all, you'll want to install Golang: https://golang.org/dl/ |
||||
|
Then you'll want to install [goversioninfo](https://github.com/josephspurrier/goversioninfo) by running the following in a command prompt: |
||||
|
|
||||
|
``` |
||||
|
go get github.com/josephspurrier/goversioninfo/cmd/goversioninfo |
||||
|
``` |
||||
|
|
||||
|
This will allow us to set the name of the program, version, etc. and most importantly, which manifest file to use. |
||||
|
|
||||
|
[Configuration options / usage.] |
||||
|
|
||||
|
## Firewall Rule |
||||
|
|
||||
|
go-powershell |
||||
|
|
||||
|
``` |
||||
|
# working directory is dir |
||||
|
dir, err := os.Getwd() |
||||
|
if err != nil { |
||||
|
log.Fatal(err) |
||||
|
} |
||||
|
``` |
||||
|
Might have to create another variable set to the string and add the path. |
||||
|
|
||||
|
``` |
||||
|
# This command will create the firewall rule. |
||||
|
New-NetFirewallRule -DisplayName "Name of Rule" -Direction Inbound -Program "C:\path\to\app\file.exe" -Action Allow |
||||
|
``` |
||||
|
|
||||
|
You should see something like this: |
||||
|
|
||||
|
![](addfirewallrule.png) |
||||
|
|
||||
|
Manifest file: |
||||
|
|
||||
|
``` |
||||
|
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> |
||||
|
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> |
||||
|
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"> |
||||
|
<security> |
||||
|
<requestedPrivileges> |
||||
|
<requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> |
||||
|
</requestedPrivileges> |
||||
|
</security> |
||||
|
</trustInfo> |
||||
|
</assembly> |
||||
|
``` |
||||
|
|
||||
|
## Put Server In Setup File |
||||
|
|
||||
|
fileb0x |
After Width: | Height: | Size: 36 KiB |
After Width: | Height: | Size: 16 KiB |
After Width: | Height: | Size: 50 KiB |
After Width: | Height: | Size: 20 KiB |
After Width: | Height: | Size: 17 KiB |
Loading…
Reference in new issue