Creating a code-signing certificate

The system signs code objects using a code-signing certificate that is password protected. This procedure explains how to generate a code-signing certificate using Workbench. You may use a third-party tool to generate a code-signing certificate followed by importing it into your Workbench User Key Store. Such an imported certificate must have a code-signing set as its extended key usage. This is a standard certificate extension.

You are working in Workbench running on a Supervisor or engineering PC.
  1. Click Tools > Certificate Management.
    The Certificate Management view opens.
  2. Click the New button at the bottom of the view.
    The Generate Self Signed Certificate window opens.

  3. Fill in the properties.
    In addition to the required properties, define your Locality (L) (city) and State/Province (ST). Without these properties the system reports an error message.

    Country Code is a two-character ISO code (refer to the ISO CODE column at countrycode.org).

    Choose Code Signing for Certificate Usage.

    The OK button activates when all required information is provided.

  4. To create the certificate, click OK.
    The Private Key Password window opens.

  5. Enter a strong password and click OK.
    Your password must be at least 10 characters long. At least one character must be a digit; one must be lower case; and one must be upper case.
    The system submits the certificate for processing in the background.
  6. When the certificate has been created, click OK.
    This self-signed certificate appears as a row in the User Key Store tab, identified by a yellow shield icon ().
Protect this certificate and password! If someone steals your certificate and knows your password, they could damage your operation by using your certificate to sign their own malicious code.