After you have enrolled for your Code Singing Certificate using a CSR generated from the utility you will then have to Import/Install the Code Signing Certificate after it gets issued. The CA should give you a pkxs7 format certificate also known as a .p7b. The way they give you this certificate will vary.
Save and move this .p7b file to the system where you have created the CSR using the Utility on.
To complete and install your Code Signing Certificate perform the following.
- Run the Digicert Certificate Utility by Double-clicking the DigicertUtil.exe.
- In the Digicert Certificate Utility, Click Code Signing.
- Click Import.
- In the Certificate Import window click Browse.. and Open to specify the location and path of your Code Signing certificate. Change the file type to either PKCS#7 Certificates (*.p7b) or All from the drop down to find your certificate.
- After specifying the location and path of the file click Next.
- You will see information about the certificate you have selected to import. In the Enter a new friendly name or you can accept the default field type a friendly name for the certificate. Something unique so that you can quickly identify this certificate.
- Click Finish.
- You should get confirmation that the certificate has been successfully install and see it within your list of code signing certificates.
Note: If you get an error that states “Private Key Missing” this is due to the following causes…- You did not create the CSR/Private key on this machine:
Resolutions:- Make sure you are on the correct system that has the Digicert Certificate Utility installed where you generated the CSR from.
- If you lost your private key or if the system where the CSR was generated using the Utility blew up then you will have to start from scratch by generating a new CSR, and performing a reissue/rekey of your code signing certificate.
- You are installing the a wrong certificate:
Resolutions:- Make sure you are installing the correct certificate. Typically once the certificate is on your desktop as a .p7b file you can double click on it to read the information. make sure the certificate or one of the certificates in its chain is issued to your organization with the correct dates.
- You did not create the CSR/Private key on this machine:
Congrats you have just installed your Code Signing Certificate using the Digicert Certificate Utility for Code Signing.
You can now sign your code using the Utility or you can Export the Code Signing Certificate and distribute the certificate to your development teams. For instructions on how to go about Signing or Exporting, view or following links.
Digicert Certificate Utility – Code Signing (Signing Code)
Digicert Certificate Utility – Code Signing (Exporting)