The whole thing is basically a two part process:
- Get your certificte
- Sign a file
- Order from a browser that you will again have access to in a few days. This is important, because your certificate is generated while ordering, but only becomes valid after the verification process is completed, which might take a few days.
- Prove your identity by sending copies of your passport, phone bill, bank statement etc.
- Await approval
- Complete the process, once you have opened the final pick up link with the same browser that you ordered from, by exporting your valid code signing certificate to a .pfx file (Instructions for Firefox/IE)
- Smile :-)
- Download the Windows SDK. It contains a file named signtool.exe (SignTool Syntax)
- For ease of use, create a batch file like this:
REM 1. Save this text as batch file named "SignNow.bat" or similar
REM 2. Adjust paths, certificate filename and password
REM 3. If you are not using Comodo, replace time server URL
REM Usage: drag 'n' drop from windows explorer! :-)
"C:\signtool.exe" sign /f "C:\Your_Certificate.pfx" /p "Your_Password" /v /t http://timestamp.comodoca.com/authenticode %1
REM Attention: All of the bold text above has to be in ONE line
- Make sure your PC is connected to the internet to ensure that time stamping will work
- Drag 'n' drop your file onto the batch file
- Smile :-)
Some more detailed tutorials are available from Jeff Wilcox (English) and Oliver Grahl (German).
Happy code signing... :-)