Hi Simo


Have you already set up certificate services on a machine. I'm assuming you have in the following...let me know if not...

If so you should be able to browse to http://localhost/certsrv on the machine with certificate services installed.

assuming this works then follow the wizard on that page:
the personal info can be whatever...
Choose code signing cert in the certificate type combo
Choose a suitable CSP and key length ( 2048 ms rsa/aes enhanced provider maybe? )
mark the keys as exportable via the checkbox and strongly protect the private keys.

request format shouldn't matter. sha512 it if u are paranoid...

Hit submit and you should get a pending request page

Now you have to play the role of the certserver and accept the certificate request.

So run the certificate services mmc snapin on the same machine( start, run, certsrv.msc )

there should be a tab underneath your CA that says pending requests. Go to this and right hand mouse on the cert that's ( hopefully ) there and click issue..

the cert is now issued. One last step...

Browse back to http://localhost/certsrv and click on the link that says "view the status of a pending request". Click on the cert there and click download. This will give you a valid cert that u can use for code signing...

Let me know if that's enough info to go on...it is kind of long winded, but ok once you've been through it once... Smiley


edit:
you can gen spc files from an exported .cer cert using this utility
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cpgrfsoftwarepublishercertificatetesttoolcert2spcexe.asp