code-signing-certificatesafenet

How do I extract certificate from SafeNet Authentication Client


I have just purchased a new OV Certificate from Sectigo via KSoftware, previously this was provided as a download to my browser that I then exported as pfx file and signed with the ksign tool from KSoftware.

e.g

c:\Apps\kSign\ksigncmd /d "SongKong Installer" /du "http://jthink.net/songkong" /f c:\code\jthink\songkong\config\comodo.pfx /p cherry1 SongKong-11.4.exe

Now, new stricter requirements mean that instead I am sent a usb stick in the post and a password by email. Then I have to install and use SafeNet Authentication Client and enter password to access the certificate.

I can now see the certificate within SafeNet Authentication Client but how do I actually use it to sign my application?


Solution

  • Okay I found the answer

    Needed to install WindowsSDK to get signtool

    The procedure was then as follows:

    C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe sign /tr http://timestamp.comodoca.com /td sha256 /fd sha256 /a SongKong-11.4.exe
    

    It is signed with the following output

    Done Adding Additional Store
    Successfully signed: SongKong-11.4.exe