Digitally sign (code sign) file on linux server?

Toggle sidebar Toggle sidebar
D

DaveSimmons

Elite Member
Aug 12, 2001
40,730
670
126
In Windows we sign our install exes using MS' SignTool to add our Thawte cert to the file.

Is there an equivalent program for Linux? We'd use PHP scripting so either a PHP package or an external application would work.
 
Markbnj

Markbnj

Elite Member <br>Moderator Emeritus
Moderator
Sep 16, 2005
15,682
14
81
www.markbetz.net
GnuPG? Maybe there is something more specific to install packages, but you can sign an encrypted file with it.
 
Q

QuixoticOne

Golden Member
Nov 4, 2005
1,855
0
0
It can be done. The most commonly used signature making / modifying tool for UNIX type systems (and actually also the low level tool used in many non-UNIX ones) is OpenSSL.

OpenSSL has a library that you can call from another program, and it also has a very standard set of command line tools you could invoke from the shell or PHP or whatever.

Here's some info which seems to say that all the tools you need are in the 0.9.9+ versions of OpenSSL whereas you may need some additional format conversion utilities for PVK format if you're using older OpenSSL tools.

http://sourceforge.net/projects/osslsigncode/
http://wiki.cacert.org/wiki/Authenticode
http://www.matthew-jones.com/articles/codesigning.html
http://www.tech-pro.net/export-to-pvk-spc.html
http://www.drh-consultancy.demon.co.uk/pvk.html
http://www.petefreitag.com/item/117.cfm

 
D

DaveSimmons

Elite Member
Aug 12, 2001
40,730
670
126
Thanks, that looks promising.

I know how to do it on a Windows PC for our normal installs, but now we want to create customized self-extracting exes on a linux server and code sign them. I know a little Perl and PHP but haven't been up to date on my 'nix since last century in college.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom