Skip to main content

XAIT signalling of privileged certificate SHA-1 hash

Please note these forums are being decommissioned and use the new and improved forums at
1 reply [Last post]
Joined: 2010-07-14
Points: 0

We have a signed application that requires privileges for class loading.

If I understand correctly, in order to grant this we need one of the certificates to be privileged by having it's SHA-1 hash signalled in the XAIT. So we have 2 questions;

1) How do we extract the SHA-1 hash from the certificate (or do we generate a SHA-1 hash of the certificate)?

2) What do we put in the to signal the hash?

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Joined: 2008-07-03
Points: 0

To generate the hash(es), simply compute the SHA-1 hash of 1 or more of the certificates in the chain used to sign your application that needs MonAppPermission. A single 20-byte (160-bit) SHA-1 hash for a single certificate. The spec allows you to provide multiple hashes in case there are multiple privileged apps signed by multiple authorities.

To put this information into a file, see the following wiki:

Look for "Privileged Certificates"