Signing Tools and Digital Signatures
Tools and Digital Signatures
Before signing your scripts, you may want to read up on how to edit your preferences to bypass the requirement (at least in a testing environment) to sign your code.
The user instructions, although written with a Netscape Communicator 4.x user in mind, still hold good for Mozilla based browsers such as Netscape 7.0 and Mozilla 1.0. Mozilla still deploys certificate and key storage files similar to those deployed by Netscape Communicator 4.x, namely the key3.db file for storing private keys and the cert7.db for public keys and certificates. For Mozilla users, these files are usually stored in the profile directory of the user -- for instance for a typical Windows 2000 user these files would reside in:
C:\Documents and Settings\aruner\Application Data\Mozilla\Profiles\default\2xgjvb43.slt\
The usage directions for Signtool 1.3 refer to a directory in which object signing certificates are stored. The recommended course of action would be to copy the files cert7.db and key3.db to a directory of your choosing, and then use that directory for Signtool's certificate operations. The easiest procedure is:
- To set a password via the browser for your certificate database. On Netscape 7.0, this would involve:
- Going to the Edit | Preferences menu, and choosing Certificates from the list of items to administer.
- Click on Manage Security Devices, and then select NSS Internal PKCS#11 Module
- Choose Software Security Device, and then Change Password