Web Analytics

How to Digitally Sign vsix files using eSigner CKA

A .vsix file is a Visual Studio Extension Installer package used by Microsoft Visual Studio. It contains software that adds new functionality or extends existing capabilities within the Visual Studio IDE (Integrated Development Environment).

Securing your VSIX package with a digital signature enhances its security and deters unauthorized modifications. When installing, the VSIX installer shows the digital signature and provides a link to the certificate. Any unauthorized changes to the VSIX content, without a corresponding update to the digital signature, will prompt the installer to alert the user about a compromised package signature.

eSigner CKA (Cloud Key Adapter) is a Windows application that utilizes the CNG (KSP Key Service Provider) interface to enable tools like certutil.exe and signtool.exe to access the eSigner Cloud Signature Consortium (CSC) API for enterprise code signing tasks. Functioning as a virtual USB token, it loads code signing certificates directly into the Windows certificate store.

Requirements

  1. Purchase an SSL.com Code Signing Certificate or Extended Validation (EV) Code Signing Certificate
  2. Enroll your code signing certificate in eSigner
  3. Download and install eSigner CKA

Steps to Sign

  1. Download Dotnet Core SDK: https://dotnet.microsoft.com/en-us/download/dotnet/7.0
  2. Install OpenVSIXSignTool
    dotnet tool install -g OpenVsixSignTool
  3. Use this sign command:
    OpenVsixSignTool sign --sha1 CERTIFICATE THUMBPRINT --timestamp http://ts.ssl.com -ta sha256 -fd sha256 "SIGNABLE FILE PATH"
If you have questions related to PKI and digital certificates, please contact us by email at Support@SSL.com, call 1-SSL-Certificate (1-775-237-8434), or simply click the chat button at the bottom right of this page. As always, thank you for choosing SSL.com!

Subscribe To SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com and stay informed of the latest changes about digital identity and encryption that can impact and enhance your life.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.