Code Signing - basic questions

I have several CABs that I need to digitally sign.

  1. Can I sign all of my CABs with one code signing certificate?
  2. I notice that when you buy a certificate, it has a period of time (like 1 year) associated with it.
    a. Does that mean that my digitally-signed CAB file will expire after that time, or does it mean that I will no longer be able to sign CAB files? Or both?
    b. Does the user of the CAB file need to be connected to the Internet to verify that the CAB file is still valid?



  1. You can sign as many CABs as you want, there is no limit on the number.

2a. The only thing that will expire is the code signing certificate, not the file signed.
Remember to use a/the timestamping server which says when the file was signed.

2b. The ‘user’ does not need to be connected to the internet, however if they have ‘Certificate Revocation List checking’ switched on they will see an error if they are not connected.