Digital Signing of ActiveX Controls

After much searching around, I’ve finally managed to sign and trust my ActiveX control (written in VB6). For my own sanity, I’m posting here the summary of how to do it (and maybe someone else may find it of use one day!).

Marking the ActiveX control as ‘Safe’

Firstly the ActiveX control must be declared to run in a safe mannor. There are a couple of ways to accomplish this, but the easiest method is:

  • Run the Package and Deployment Wizard that comes with Visual Studio 6 (Program Files->Visual Studio->Visual Studio Tools)
  • Select Internet Package, pretty much accept all defaults.
  • Copy the cab over, and then digitally sign (see below).
  • Digitally Signing the ActiveX Control

    Use the pvk2pfx.exe utility from Microsoft, provided as part of Microsoft Visual Studio (I’m using vn 2008):

    pvk2pfx.exe -pvk mykey.pvk -spc mycert.sfc -pfx OutputPFX.pfx

    (where the .pvf and .sfc files are provided by the certificate authority).

    This generates the .pfx file that can be used with the signtool.exe that comes with Microsoft Visual Studio:

    signtool.exe sign /f OutputPFX.pfx /v ActiveX.ocx

    Link to Microsoft Article:

    Leave a Reply

    Fill in your details below or click an icon to log in: Logo

    You are commenting using your account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s