I think that some of the documentation on Comodo might be a bit out of date with the latest O/S and browser. I am using Windows 7 with IE9 and Chrome, both of which created problems.
After I made the purchase, I tried to use IE9 to do the certificate creation step, but that page caused several form-error type msgs from IE9 and then the form would not submit! So I gave Chrome a try; this submitted and started the process OK, but of course I couldn’t install the certificate. Right now, I’ve put in a Trouble Ticket to get this resolved and will probably end up having to install Firefox just to get the certificate downloaded. Sheesh!
Looking at these discussions and the existing documentation on the site, I’m not clear on all the different file types that seem to be mentioned and where they will be created, etc. The specific questions that I have right now are:
-
What are the PFX and SPC files that are “downloaded from Comodo”, or where otherwise do these files come from? And is there a PVK file involved in this?
-
On the signtool command line there is an argument for a “password”. Where does that come from?
-
Are there any complete and up-to-date instructions on this entire procedure – from requesting the certificate to signing code – that relate to the latest Windows O/S and browser versions?
Thanks for getting me going on this. It’s been a long day! 
We support IE6 and greater, which includes IE9.
No version of Chrome properly supports certificate enrollment that contains at least one intermediate CA.
After I made the purchase, I tried to use IE9 to do the certificate creation step, but that page caused several form-error type msgs from IE9 and then the form would not submit! So I gave Chrome a try; this submitted and started the process OK, but of course I couldn't install the certificate. Right now, I've put in a Trouble Ticket to get this resolved and will probably end up having to install Firefox just to get the certificate downloaded. Sheesh!
Firefox has native support for certificate enrollment, IE uses an ActiveX control (by Microsoft) in order to perform certificate enrollment. You can use IE, Firefox, Safari (Mac) or Opera. In my personal experiences I have never had trouble with Firefox when it comes to certificate enrollment. IE has always given me a headache.
- What are the PFX and SPC files that are "downloaded from Comodo", or where otherwise do these files come from? And is there a PVK file involved in this?
SPC/PVK are a deprecated file format that Microsoft no longer supports and only available using IE6,7,8 for Windows XP and lower. All other version of IE make use of the CSP/Windows Certificate Store.
- On the signtool command line there is an argument for a "password". Where does that come from?
That’s something you set when you create a PFX file.
See Technet for more details.
- Are there any complete and up-to-date instructions on this entire procedure -- from requesting the certificate to signing code -- that relate to the latest Windows O/S and browser versions?
It’s a pretty straight forward process. The hardest part is finding the right tool to sign the code. Most people use signtool (by Microsoft) but there are a slew of vendors that have created their own. It’s up to you which you want to use.