Ahe's Blog－－菠菜汤一样的幸福人生

Step 1 - Sign the files

The first step is sign our .exes, .dlls and the other files of our application.  To do this we'll can use our RDAs or use the utility signtool.exe:

signtool.exe sign /f MyCert.pfx *.exe *.dll *.cpl  [....and so on] 

Step 2 - Include our certificate in cab

In first article we've create _setup.xml which contains our certificate in wap-provisioningdoc format.
So now we'll create a copy of _setup.xml and we'll rename it to Pre_MyCert.xml.
We'll remove the <?xml version="1.0" encoding="utf-8" ?> and <wap-provisioningdoc> tags.
The result will be:

<characteristic type="CertificateStore">    <characteristic type="Privileged Execution Trust Authorities">        <characteristic type="2bd9dd0aadf266f9810a1210a2052144bf2e3f22">            <parm name="EncodedCertificate" value="MIIB8jCCAVugAwIBAgIQztL5fI8kyrFE9be6IfYcXTANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdDcmlTb2Z0MCAXDTk5MTIzMTIzMDAwMFoYDzIwOTgxMjMxMjMwMDAwWjASMRAwDgYDVQQDEwdDcmlTb2Z0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSNfTSjNJy4zZKi9wen/9CLt1cwWcYIaIp4xIuDd9VIXy3hBj+FpL11E9dO7Sa5FXcIo8P9WttLHkd9TS8GXUEJShU+b/JtPDQ3EvpuJcSpo0CEuAI3fr7+LpIVtfZto+lA8/8Ch7cssZQqPaNClIP2+9DrR5l7t5XvCGLltfrcQIDAQABo0cwRTBDBgNVHQEEPDA6gBDsxeAuaLF3Ax+fxz0bWdqvoRQwEjEQMA4GA1UEAxMHQ3JpU29mdIIQztL5fI8kyrFE9be6IfYcXTANBgkqhkiG9w0BAQQFAAOBgQC2Tsg8FhGLhCgTIxKEErFzZw1bNxrnxAjao3hkA2jtv3jGkejWMnnBODogUPbwnkxRTlmKEjBhFiltP4c4djE4cDApXpnj26R7eX6PmhPmvJHRJP4JM8WEzq/saWyCBEyfhslSSKCVQeNSSJZ6//5FFqAJIQZ8DklQpSP6mIG3mw==" />        </characteristic>    </characteristic></characteristic><characteristic type="CertificateStore">    <characteristic type="SPC">        <characteristic type="2bd9dd0aadf266f9810a1210a2052144bf2e3f22">            <parm name="EncodedCertificate" value="MIIB8jCCAVugAwIBAgIQztL5fI8kyrFE9be6IfYcXTANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdDcmlTb2Z0MCAXDTk5MTIzMTIzMDAwMFoYDzIwOTgxMjMxMjMwMDAwWjASMRAwDgYDVQQDEwdDcmlTb2Z0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSNfTSjNJy4zZKi9wen/9CLt1cwWcYIaIp4xIuDd9VIXy3hBj+FpL11E9dO7Sa5FXcIo8P9WttLHkd9TS8GXUEJShU+b/JtPDQ3EvpuJcSpo0CEuAI3fr7+LpIVtfZto+lA8/8Ch7cssZQqPaNClIP2+9DrR5l7t5XvCGLltfrcQIDAQABo0cwRTBDBgNVHQEEPDA6gBDsxeAuaLF3Ax+fxz0bWdqvoRQwEjEQMA4GA1UEAxMHQ3JpU29mdIIQztL5fI8kyrFE9be6IfYcXTANBgkqhkiG9w0BAQQFAAOBgQC2Tsg8FhGLhCgTIxKEErFzZw1bNxrnxAjao3hkA2jtv3jGkejWMnnBODogUPbwnkxRTlmKEjBhFiltP4c4djE4cDApXpnj26R7eX6PmhPmvJHRJP4JM8WEzq/saWyCBEyfhslSSKCVQeNSSJZ6//5FFqAJIQZ8DklQpSP6mIG3mw==" />            <parm name="Role" value="222" />        </characteristic>    </characteristic></characteristic>

Step 3 - Create the cab

Ok, now we have the xml file and our signed application's files, so we can build our cab with this simple command line:

CabWiz.exe MyApp.inf /prexml PreXML_MyCert.xml" /err Error_MyApp.log /cpu ARM 

This is! The output will be our cab with our application and our certificare ready to install on device.
For more information about .inf file to create cab check MSDN library.

deploycertwithcode.zip