How to sign the output executable during the build process in Visual Studio?

When I use a strong name key file as indicated in the project properties, it requires that all referenced assemblies 开发者_StackOverflow中文版to also use such a similar signature.

But what I want is to sign using the WinDDK Signtool.exe. This I already do manually, but I also want to debug sign assemblies, and the best way of doing that is including the signature in the build, probably as a AfterBuild step.

The problem is I don't know how to create a AfterBuild step

You are mixing things up here. A strong name is not the same thing as the certificate that's added to a binary with signtool.exe. There is also no requirement that dependent assemblies have a certificate or that it needs to match. Nor does it make sense to sign a debug build, only your customer is interested in it. You already know that you can trust yourself.

Running sn.exe to give an assembly a strong name is already supported by msbuild.

I had to add the following lines to the *.csproj file:

<Target Name="AfterBuild">
   <Exec Command="sign.bat" />
</Target>

And then I added a sign.bat file to the project root folder

I found this solution at some blog