Not logged in - Login

Creating Code Signing PFX File

Generate CSR for code or driver signing certificate

Add certificates snap-in to MMC

  1. In your Windows search feature, enter mmc, and then click it to launch the #Microsoft Management Console application.
  2. From File, click Add/Remove Snap-in.
  3. Click Certificates and then click Add.
  4. Select Computer account, and then click Next.
  5. Select Local computer, and then click Finish.
  6. Click OK.

Generate CSR & private key

  • In MMC, expand Certificates (Local Computer) and then Personal.
  • Right-click Certificates, and then go to the following menus: All Tasks > *Advanced Operations > Create Custom Request.
  • Click Next.
  • Click Active Directory Enrollment Policy.
  • From Template, click Web Server.
  • Ensure the Request format is PKCS #10, and then click Next.
  • Click the downward-facing arrow next to Details, and then click Properties.
  • From the Type menu, select the following values, enter the corresponding Value, and then click Add:
Common nameYour business or organization's name
OrganizationYour business or organization's name
LocalityYour business or organization's address
StateThe state where your business or organization resides
CountryThe country where your business or organization resides
  • Click the General tab, and then enter a Friendly name you can use to refer to the certificate.
  • Go to the Private Key tab, click Key Options,
    • Select Make private key exportable.
    • Set key size to be 2048 (for GoDaddy)
  • Click OK, and then click Next.
  • Browse for the location where you want to save the file, enter a File Name, and then click Finish.

Install code/driver signing certificate & create PFX file

Download your certificate

  1. In the SSL Certificate manager, next to your code signing certificate, click View status.
  2. Click Download.
  3. Click Download Zip File.
  4. Open the ZIP file and move the file that ends in SHA2.spc to an accessible location.

Install your certificate in MMC

  1. In your Windows search feature, enter mmc, and then click it to launch the Microsoft Management Console application.
  2. Expand Certificates (Local Computer), Personal.
  3. Right-click Certificates, and then go to the following menus: All Tasks > Imprt.
  4. Click Next.
  5. Browse for the SPC file — to find it, you'll need to change the file type to PKCS #7 Certificates (*.spc, *.p7b).
  6. Click Next.
  7. Select Place all certificates in the following store and ensure the value is Personal.
  8. Click Finish.

Create the PFX file

To create a PFX file (which you'll use with SignTool or Visual Studio), you need to combine your certificate file and your private key in MMC.
  1. In MMC, right-click your certificate (it will have your Common Name value displayed in the Issued To column), and then click Export.
  2. Click Next.
  3. Select Yes, export the private key.
  4. Under Personal Information Exchange..., select “Include all certificates in the certification path if possible”.
  5. Enter and confirm a strong password to secure the certificate, and then click Next.
  6. Browse to a location to store the combined file, and then click Next.
  7. Click Finish.

The PFX file is now stored locally on your computer.