How to use SignFile.exe from multiple computers.

    As you have likely realized SignFile needs a key container with a private key to  sign your file. You can read more about key containers and keys here:

 

 

    Often you'll generate the private/public key pair with makecert.  You’ll then use the keys makecert generated when calling signfile.

 

    But, what if you want to sign files on a machine you didn't create the public/private key pair on? In that case you'll need a tool that can:

 

    (1) Export your private key from a named key container.

    (2) Import your exported private key to a named key container.

 

    Unfortunately I'm not away of an MS tool that will do this. However, writing such a tool for the desktop should be pretty easy. Look at the CryptExportKey/CryptImportKey API's.

 

    When I get more time I'll post the code for this, or if someone writes this code in the mean time, feel free to attach it to this blog.

 

[Author: Igor Dvorkin]