Digitally signing a custom program file informs the user as to who published the file and whether changes were made to the file after it was signed.
Prior to distributing a custom application, you should consider signing each file that supports digital signatures and will be loaded into an AutoCAD-based program. While digitally signing a custom program file is optional, it is recommended.
The following outlines the benefits of attaching a digital signature to a custom program file:
- Increases the security for a workstation; loading a digitally signed file lets the user know who published the file and if it was modified after being signed.
- Files can be loaded from outside of a trusted location; the File Loading - Security Concern message box isn't displayed each time a file is loaded. By default, files in a
bundle aren't trusted.
- All files signed by the same publisher can be trusted; once a publisher is trusted, all custom program files with the same digital signature are automatically trusted.
- Improves the customer's experience by reducing the number of steps to setup and configure a custom program.
Custom Program Files that Can Be Digitally Signed
You can add a digital signature to the following custom program file types:
- ARX - ObjectARX file
- CRX - Console Runtime Extension file; similar to an ARX file except no user interface
- DBX - ObjectDBX (Object Enabler) file
- DLL - Menu Resource Library or .NET Assembly
- FAS - Fast-load AutoLISP file
- MNL - Menu AutoLISP file
- LSP - AutoLISP Source file
- VLX - Compiled AutoLISP project file (MAKELSPAPP and VLISP commands)
Note: VBA project (DVB) and Javascript (JS) files cannot be digitally signed.
Tools Required to Digitally Sign Custom Program Files
Special tools are required to digitally sign a custom program file. The tool required is based on the type of file to be signed. The following provides an overview of the two tools that can be used:
Attaching a Digital Signature Workflow
The following provides a basic outline of the process that must be followed to attach a digital signature to an AutoLISP or binary file.
- Signing an AutoLISP File
-
- Make or obtain a digital certificate from a vendor.
For information on making a digital certificate, see "To Make a Digital Certificate."
- If you make a digital certificate, create a PFX file and then import the digital certificate.
For more information, see the topics "To Create A Personal Information Exchange (PFX) File" and "To Import a Digital Certificate."
- Attach the digital signature to the AutoLISP file with the Attach Digital Signature (AcSignApply.exe) tool.
For information on signing an AutoLISP file, see "To Digitally Sign an AutoLISP File."
- Load the newly signed file into an AutoCAD-based program and verify that the digital signature is recognized.
- Signing a Binary File
-
- Make or obtain a digital certificate from a vendor.
For information on making a digital certificate, see "To Make a Digital Certificate."
- If you make a digital certificate, create a PFX file and then import the digital certificate.
For more information, see the topics "To Create A Personal Information Exchange (PFX) File" and "To Import a Digital Certificate."
- Attach the digital signature to the binary file with the Sign Tool (SignTool.exe).
For information on signing a binary file, see "To Digitally Sign a Binary (ObjectARX or Managed .NET) File."
- Load the newly signed file into an AutoCAD-based program and verify that the digital signature is recognized.