What is the use of SNK & PFX file used for signing? RRS feed

  • Question

  • Hello ,

    Please give me some information about PFX file and SNK file.

    Right now my requirement is some thing like this.

    I have developed some core .NET DLLs of my company and I want to give those DLLs to my developers on their PC. If I give those dlls then may be they would steal those dlls and develop software using those dlls and I don't want that. I want something like that those dlls should be working on that particular developer PC I allow while development. It should not work on other PC.

    Is this kind of security possible using either PFX or SNK?

    Which one is better to use?

    What is the advantage of Delay signing?

    I can't give any dlls to any of my developer right now.

    please help me.

    thanks in advance.

    • Edited by Krish Kapadia Tuesday, June 26, 2012 4:28 AM spell mistake
    Tuesday, June 26, 2012 4:26 AM


  • Code signing is used to certify the origin of the codes, and is not designed for this purpose.

    However, if you want to limit the deployment of DLL within your company (not necessarily only development machine, test machine without development tools as well), one way is to generate a e-cert from your corporate Certification Server in your AD, then deploy the e-cert to the development OU of your company. If you sign the DLL with such cert, the DLL will appear as properly signed in those developer's machine, while on other machine it would be displayed as with self generated certificate and not trusted.

    (Note: As developers, if they're not stupid enough, they can use the same concept to develop countermeasure.)

    Regarding delayed signing, it'll enable the application to be run on developer's machine without the need for you to give them the production e-cert private key.

    Tuesday, June 26, 2012 5:15 AM