Creating a Digital Certificate for Testing Purposes [Office 2003 SDK Documentation]
If you don't have a valid certificate available for signing your XML expansion pack manifest file during testing, you can create a test certificate to use with the XMLSign tool. You can use one of the following to create a test certificate for testing purposes:
- The SelfCert tool included with Microsoft Office.
- The MakeCert tool included with Microsoft Visual Studio .NET.
Using the Office SelfCert tool
To create a digital certificate for testing purposes using the Office SelfCert tool
Open Windows Explorer.
Navigate to the Selfcert.exe file located in the Office program folder. The default location is C:\Program Files\Microsoft Office\OFFICE11.
Double-click the Selfcert.exe file to run it. The Create Digital Certificate dialog box appears.
Enter your name or your company's name in the Your certificate's name box, and then click OK.
You receive a message that you have successfully created a new certificate.
Using the Visual Studio .NET MakeCert tool
To create a digital certificate for testing purposes using the Visual Studio .NET MakeCert tool
Click Start, and then click Run. In the Open box, type cmd and then click OK.
At the command prompt, type the following string, and then press ENTER:
makecert -sk Northwind -r -n "CN=Northwind Traders, OU=Certification, O=Northwind Traders, Efirstname.lastname@example.org" -ss local NWind.cer
The command window tells you whether you successfully created a digital signature. This creates a test certificate named NWind.cer located at the C:\Documents and Settings\Your User Name\ path.
Note If you cannot create a digital signature by using the previous string, make sure that the folder where the MakeCert.exe file is stored is in the DOS path for your computer. You can do this by typing path at the command prompt and pressing ENTER.
Understanding the MakeCert string
The following list of command-line parameters can help you to understand the previous string so that you can modify it for your own needs. Create a self-signed certificate by using the default test root. Also, create a key container (named Northwind) and output the certificate to both a store (named local) and a file (named NWind.cer).
|-sk Northwind||-sk subjectKey||This is the name of the subject's key container that holds the private key. If a key container does not exist, one is created. If the -sk option is not used, a key container named JoeSoft is created by default. The subject key container name for the above string is Northwind.|
|-r||-r||Creates a self-signed certificate.|
|-n "CN=Northwind Traders, OU=Certification, O=Northwind Traders, Eemail@example.com"||-n name||Name for the publisher's certificate. This name must conform to the X.500 standard. The simplest method is to use "CN=CompanyName" format. For example: -n "CN=Northwind Traders".
CN=Northwind TradersCN=Name of the company. Example: Northwind Traders.
OU=CertificationOU=Organizational Unit. Name of the organizational unit or department inside the company. Example: Certification.
Efirstname.lastname@example.orgE=Contact e-mail address for information about the digital signature.
|CN=Northwind Traders||CN=||Name of the company. Example: Northwind Traders.|
|OU=Certification||OU=||Organizational Unit. Name of the organizational unit or department inside the company. Example: Certification.|
|Eemail@example.com||E=||Contact e-mail address for information about the digital signature.|
|-ss local||-ss subjectCertStoreName||Name of the subject's certificate store where the generated certificate will be stored.|
|NWind.cer||saveCertificate.cer||The file name of the newly created digital certificate file.|
For a comprehensive list of command-line parameters for Authenticode digital certificates, see Signing and Checking Code with Authenticode.