代码签名 .NET 程序集还是只是设置?
我的公司终于购买了代码签名证书。
我有一个 WinForms 应用程序(1 个 exe 和几个 dll),所有程序集都已使用强名称进行签名。 然后将整个应用程序打包到 msi 安装程序中。 然后我使用 NSIS 将 msi、引导程序和先决条件(框架、SQL CE...)打包到单个 setup.exe 中。
显然我的 setup.exe 需要签名,以避免“可怕的”UAC 提示。 这是否足够,或者您是否还要对其他文件(尤其是 .NET 程序集)进行签名?
属于应用程序的另一个项目是 Windows 服务。 你会签署该集会吗?
My company finally bought a code-signing certificate.
I have a WinForms application (1 exe and several dlls), all assemblies are already signed with a strong name. The entire application is then packaged into a msi installer. Then I use NSIS to pack the msi, the bootstrapper and the prerequisites (Framework, SQL CE...) into a single setup.exe.
Obviously my setup.exe needs to be signed, to avoid the "scary" UAC prompt. Is that enough or would you also sign the other files, especially the .NET assemblies?
Another project that belongs to the application is a Windows serivce. Would you sign that assembly?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
你不必这样做,但这不是一个坏主意。
创作经过完全验证的签名安装
上面的说明涵盖了您需要为安装程序本身执行的操作。 签署程序集取决于您,并且在某种程度上是一个单独的问题,并且具有单独的关注点和好处。 请阅读强名称程序集可以让您远离 DLL Hell 了解有关签名程序集的更多信息。
You don't have to but its not a bad idea.
Authoring a Fully Verified Signed Installation
The instructions above cover what you need to do for the installer itself. Signing the assemblies is up to you and is somewhat of a separate issue and has separate concerns and benefits. Please read Strong name assemblies can keep you out of DLL Hell for more information about signing assemblies.