Try OpenEdge Now
skip to main content
WebClient Applications
Designing Security : Digitally signing files

Digitally signing files

When deploying an application, you can digitally sign each cabinet file and have the end user verify each digital signature when the file downloads. This approach provides end users with the assurance that each file has:
*Authenticity — Assurance that you prepared the file
*Integrity — Assurance that nobody has tampered with the file
Note: Progress Software Corporation strongly encourages the application deployer to digitally sign each file to be downloaded.
The WebClient Application Assembler uses Microsoft Authenticode technology to sign the application cabinet files digitally. It requires access to the signtool.exe, pvk2pfx.exe, and optionally makecert.exe tools. You need makecert.exe if you wish to create a mock public-key certificates for testing. These tools are part of Microsoft Windows SDK.
* Making Microsoft signing tools available to OpenEdge
* How WebClient uses digital signatures