|
-
Mar 18th, 2001, 04:21 PM
#1
Thread Starter
Junior Member
 ActiveX woes... Please help me out!
hi folks,
I'm at the end of my rope here so if you have any ideas at all, please try to help.
I just through developing an activeX control that I want to deploy on the web. I made the cab file and set it safe for init and scripting and I even muddled my way through the LPKtool to create an lpk file. But I still get a security warning that my activex control is unsafe.
Is there any possible way I can get the activeX control to function on a web page without triggering this security alert? I don't want to have to change my security settings etc.
Please help me out here!
thanks,
Shaheeb R.
www.ahmonra.com
-
Mar 19th, 2001, 07:52 AM
#2
New Member
I think you will have to get a proper signature from Verisign or other such body. But here is what I did to sign my cab for testing:
I downloaded the following files (I think you can download a zip file which includes them all. Microsoft's web site perhaps.):
Wintrust.dll (installed in the System\System32 directory)
Softpub.dll (installed in the System\System32 directory)
Mssip32.dll (installed in the System\System32 directory)
Vsrevoke.dll (installed in the System\System32 directory)
Signer.dll (installed in the tools directory)
Crypt32.dll (installed in the System\System32 directory)
Makecert.exe (creates an X.509 certificate for testing purposes only)
Cert2SPC.exe (creates an SPC for testing purposes only)
SignCode.exe (digitally signs code)
ChkTrust.exe (checks the validity of the file)
DumpCert.exe (dumps the contents of a certificate)
SetReg.exe (sets registry keys controlling certificate verification)
Put the following commands into a batch file. Edit as required:
D:
cd inetsdk\bin
makecert -sv "mycert.pvk" -n "CN=My Company" mycert.cer
cert2spc mycert.cer mycert.spc
signcode -v mycert.pvk -spc mycert.spc xxxtextxxx.cab -t http://timestamp.verisign.com/scripts/timstamp.dll
setreg -q 1 TRUE
chktrust xxxtextxxx.cab
Pause
Run the batch file, and that should be it!
When I did it this way, I still got a dialog box asking me if I trusted the company, but I think you always get this when registering an ocx on a client machine.
Have fun!
Phil.
-
Mar 19th, 2001, 02:58 PM
#3
Thread Starter
Junior Member
Thanks for your help Philip! Yesterday as I was muddling thorugh some white papers from microsoft, I came upon this solution. I thought I'd share it:
Apparently, there is a bug in VB's Package and Deployment wizard that marks controls as unsafe even though you specify that they are safe for scripting and initialization. But you can get around this problem by including what is called IObjectSafety in your project. The instructions are at this URL:
http://support.microsoft.com/support.../Q182/5/98.ASP
The steps seem a little complicated, but if you take it slow they work like a charm. And the nice thing is, you don't have to drop $400 on a verisign certificate.
BTW> With this method, there are absolutely no warnings or pop-ups.
Philip, If you have the time, I'd like to know what you thought of this method. Let me know if you found any problems etc.
ok, Thank you again,
Shaheeb R.
www.ahmonra.com
-
May 4th, 2001, 06:38 AM
#4
New Member
I was wondering if this method will also work for VBScript?
I am doing PowerPoint automation with VBScript, and every time I run the page, it gives me the "An ActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction?" error message.
Would I be taking the right step, making a certificate? Or is there a different way to bypass this.
Thanks in advance for your help
--Brandon M.
-
May 4th, 2001, 02:06 PM
#5
Black Cat
I still got a dialog box asking me if I trusted the company, but I think you always get this when registering an ocx on a client machine.
With this method, there are absolutely no warnings or pop-ups.
The prompts are determined by IE's security settings. You can set them from auto-running any control to not run any, with various states of prompts in between. I know there are a lot of folks (like those that hang out at the GRC newgroups) that wouldn't touch an active x control with a ten foot pole.
Josh
Get these: Mozilla Opera OpenBSD
I have books for sale: "MCSD in a Nutshell" and "VB Distributed Exam Cram" - PM me for details. Will also trade for a decent ATX Pentium 2 MB/CPU/RAM combo.
-
Nov 8th, 2002, 07:43 AM
#6
PowerPoster
Originally posted by shaba
Thanks for your help Philip! Yesterday as I was muddling thorugh some white papers from microsoft, I came upon this solution. I thought I'd share it:
Apparently, there is a bug in VB's Package and Deployment wizard that marks controls as unsafe even though you specify that they are safe for scripting and initialization. But you can get around this problem by including what is called IObjectSafety in your project. The instructions are at this URL:
http://support.microsoft.com/support.../Q182/5/98.ASP
The steps seem a little complicated, but if you take it slow they work like a charm. And the nice thing is, you don't have to drop $400 on a verisign certificate.
BTW> With this method, there are absolutely no warnings or pop-ups.
Philip, If you have the time, I'd like to know what you thought of this method. Let me know if you found any problems etc.
ok, Thank you again,
Shaheeb R.
www.ahmonra.com
did you actually do this and did it work for you?
-
Nov 10th, 2002, 09:22 AM
#7
Addicted Member
Does that MSDN like work for you?
hi,
Does that MSDN link worked for you? Iam getting an 404 for that.
Thanks,
Pres
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote