How to: Sign a Package Using a Digital Signature

This procedure describes how to sign a package with a digital signature to prevent altered packages from loading and running. The certificate must be issued by a trusted certificate authority and you can use only certificates that were created for the purpose of code signing. For more information, see the topic, "Introduction to Code Signing," in the MSDN Library.

To determine whether a certificate is enabled for code signing, review the properties of the certificate in the Certificates dialog box.

To view and modify certificate purposes

  1. Locate the executable, certmgr.exe, on a local or remote computer.

  2. Double-click, certmgr.exe.

  3. In the Certificates dialog box, click the Trusted Root Certification Authorities tab.

  4. Double-click the certificate that you want to work with.

  5. Click the Details tab. The Enhanced key usage (property) field lists the purposes of the certificate. The Code Signing check box must be selected.

    Note

    The Thumbprint field lists the value that you use as the hash argument when you include the sign option in a dtutil command line. Before you can use the value, you must remove its spaces. For more information about signing packages using the dtutil command prompt utility, see dtutil Utility.

  6. Optionally, click Edit Properties, and on General tab in the Certificates Properties dialog box select other purposes.

  7. To close the Certificates Properties dialog box, click OK.

  8. To close Certificates Properties dialog box, click OK.

To sign a package

  1. In Business Intelligence Development Studio, open the Integration Services project that contains the package you want to work with.

  2. In Solution Explorer, double-click the package to open it.

  3. In SSIS Designer, on the SSIS menu, click Digital Signing.

  4. In the Digital Signing dialog box, click Sign.

  5. The Select Certificate dialog box, select a certificate.

  6. Optionally, click View Certificate to view certificate information.

  7. Click OK to close the Select a Certificate dialog box.

  8. Click OK to close the Digital Signing dialog box.

  9. To save the updated package, click Save Selected Items on the File menu.

See Also

Concepts

Security Considerations for Integration Services
Security How-to Topics (SSIS)

Help and Information

Getting SQL Server 2005 Assistance