Windows CE - Signing

Signing on Windows CE

Windows CE provides a security mechanism to ask the user to confirm that they want to use an application/library that is unknown to the system. This process gets repeated for each dependency of an application, meaning each library the application links to, which is not recognized yet.

To simplify this process you can use signatures and certificates. A certificate gets installed on the device and each file which is signed with the according certificate can be launched without the security warning.

If you want to use signatures for your project written in Qt, configure provides the -signature option. You need to specify the location of the .pfx file and qmake adds the signing step to the build rules.

If you need to select a separate signature for a specific project, or you only want to sign a single project, you can use the "SIGNATURE_FILE = foo.pfx" rule inside the project file.

The above described rules apply for command line makefiles as well as Visual Studio projects generated by qmake.

Microsoft usually ships development signatures inside the SDK packages. You can find them in the Tools subdirectory of the SDK root folder.

Example:

  • Calling configure with signing enabled:
    configure.exe -platform win32-msvc2005 -xplatform wincewm50pocket-msvc2005 -signature C:\some\path\SDKSamplePrivDeveloper.pfx
  • Using pro file to specify signature
    ...
    TARGET = foo
    
    wince*: {
       SIGNATURE_FILE = somepath\customSignature.pfx
    }
    ...

© 2016 The Qt Company Ltd. Documentation contributions included herein are the copyrights of their respective owners. The documentation provided herein is licensed under the terms of the GNU Free Documentation License version 1.3 as published by the Free Software Foundation. Qt and respective logos are trademarks of The Qt Company Ltd. in Finland and/or other countries worldwide. All other trademarks are property of their respective owners.