以下使用的環境為以 Windows Server 建立的Standalone CA,Enterprise CA 大同小異
首先建立一個憑證範本,用以提交 Code Signing Request 給 CA
其中藍字部分改為自己需要的內容
將其存檔為 CodeSigning.inf (純文字檔)
[Version]Signature="$Windows NT$"[NewRequest]Subject = "CN=Dino9021 Code Signing, OU=IT, O=DinoClub, L=Hsinchu, S=Taiwan, C=TW"KeySpec = 1KeyLength = 2048Exportable = TRUEMachineKeySet = FALSESMIME = FALSEPrivateKeyArchive = FALSEUserProtected = FALSEUseExistingKeySet = FALSERequestType = PKCS10ProviderName = "Microsoft RSA SChannel Cryptographic Provider"[Extensions]2.5.29.37 = "{text}"_continue_ = "1.3.6.1.5.5.7.3.3" ; Code Signing EKU