You are here: Development Tasks > Generating the RTE Installer > Signing the RTE Installer

Signing the RTE Installer

This section is relevant only for LDK Products/Entitlements.

Digital signatures allow administrators and end users who are installing the Run-time Environment (RTE) to know that the software is provided by a legitimate publisher. In addition, certain Windows operating systems enforce the use of digital signatures for some types of code. In these cases, installing unsigned software requires a higher authorization level.

Gemalto highly recommends that you apply your digital signature to the RTE installer to simplify installation of the RTE by the end users and increase their confidence in the software.

The procedure that follows describes how to apply your digital signature to an RTE installer .exe file.

To apply your digital signature to the RTE installer (.exe file):

Obtain a digital signature from one of the certification authority providers.
Prepare a batch (.bat) file that contains the following command:
```
signtool.exe sign /v /p <password> /f <pfxSignatureFile> /n "<subject>" /t http://timestamp.verisign.com/scripts/timestamp.dll <rteInstallerExe>
```
where:
- password—password for opening the .PFX signature file
- pfxSignatureFile—path and name of your signature file
- subject—name of the subject of the signing certificate
- rteInstallerExe—name of the RTE installer file
For example:
```
signtool.exe sign /v /p pwN#%12A /f abcsoft.pfx /n "ABC Software Inc." /t http://timestamp.verisign.com/scripts/timestamp.dll haspdinst.exe
```
Place the batch file in the same directory as the signtool.exe program and the RTE installer. Execute the batch file.
The signtool.exe program is provided by Microsoft as part of the Windows SDK.

For more information about driver signing, go to the following Microsoft link: http://www.microsoft.com/whdc/winlogo/drvsign/drvsign.mspx

http://www.safenet-inc.com/Support

Sentinel EMS for Sentinel LDK v.7.7