About Digital Signatures for Executable Files

A digital signature is a block of encrypted information added to certain files to identify the originator and indicate whether a file has been altered since the digital signature was applied.

Executable files with digital signatures provide the following benefits:

You can examine a file's digital signature through a chain of trust back to the root certificate issued by a trusted certificate authority (CA). The digital signature for signed executable files can be accessed by right-clicking the file, clicking Properties, the Digital Signatures tab, the name of the signer and the Details button, and then View Certificate.

Executable Files Associated With AutoCAD-Based Products

The following file types are executable or can contain executable code: ARX, CRX, CUI, CUIx, DBX, DLL, DVB, EXE, FAS, HDI, JS, LSP, MNL, PGP, RX, SCR, and VLX. Autodesk protects you by digitally signing the executable files in its software products, however, CUI, CUIx, DVB, JS, PGP, and SCR files can contain executable code, but cannot be digitally signed yet. It is recommended that these types of files be located in read-only folders accessible by a CAD or network administrator.

Invalid Digital Signatures

A digital signature will become invalid for the following reasons:

Note: Renaming a file does not invalidate its digital signature.

Digital Signatures and AutoLISP Files

To attach a digital signature to an AutoLISP file, you must either have a digital certificate issued by a certificate authority, or you can create a self-signed certificate using one of several utilities.

To assure the integrity of shared AutoLISP executable files, use the AcSignApply utility to apply digital signatures to the files. If you later need to revise a digitally signed AutoLISP file make your changes, manually delete the digital signature block at the end of the file, and then assign a new digital signature.