Security Tools (.NET Framework)

The command-line tools in this section help you perform security-related tasks, such as configuring security policy, managing certificates, and digitally signing files. They enable you to test your components and applications before you deploy them.

These tools are automatically installed with Visual Studio and with the Windows SDK. The best way to run these tools is by using the Visual Studio or Windows SDK Command Prompt.

In This Section

• Caspol.exe (Code Access Security Policy Tool)
  Enables you to view and configure security policy for the machine policy level, the user policy level, and the enterprise policy level. In the .NET Framework version 4 and later, this tool does not affect code access security (CAS) policy unless the <legacyCasPolicy> element is set to true. For more information, see Security Changes in the .NET Framework 4. 

• Cert2spc.exe (Software Publisher Certificate Test Tool)
  Creates a Software Publisher's Certificate (SPC) from one or more X.509 certificates. This tool is for testing purposes only.

• Certmgr.exe (Certificate Manager Tool)
  Manages certificates, certificate trust lists (CTLs), and certificate revocation lists (CRLs).

• Makecert.exe (Certificate Creation Tool)
  Generates X.509 certificates for testing purposes only.

• Mscorcfg.msc (.NET Framework Configuration Tool)
  Enables you to manage and configure assemblies in the global assembly cache, adjust code access security policy, and adjust remoting services.

• Peverify.exe (PEVerify Tool)
  Helps you verify whether your Microsoft intermediate language (MSIL) code and associated metadata meet type safety requirements.

• SecAnnotate.exe (.NET Security Annotator Tool)
  Identifies the SecurityCritical and SecuritySafeCritical portions of an assembly.

• Setreg.exe (Set Registry Tool)
  Enables you to change the registry settings for the Software Publishing State keys, which control the behavior of the certificate verification process. This tool is available only with versions 1.0 and 1.1 of the .NET Framework. In later versions, use SignTool.exe (Sign Tool) instead.

• SignTool.exe (Sign Tool)
  Digitally signs files, verifies signatures in files, and time-stamps files.

• Sn.exe (Strong Name Tool)
  Helps create assemblies with strong names. This tool provides options for key management, signature generation, and signature verification.

Related Sections

• Alphabetical Listing of Tools (.NET Framework)
  Provides a single alphabetical listing of all the tools in the .NET Framework Tools section of the documentation.

• Build, Deployment, and Configuration Tools (.NET Framework)
  Includes tools that help with build and deployment tasks such as generating portable executable (PE) and Microsoft intermediate language (MSIL) files, viewing and manipulating the global assembly cache, managing application and deployment manifests, and handling isolated stores and resource files.

• Debugging Tools (.NET Framework)
  Includes graphical and command-line tools that provide information about the internal common language runtime environment, help you find and fix bugs in applications that target the common language runtime, and let you view assembly binds.

• Interop Tools (.NET Framework)
  Includes tools that enable interaction between unmanaged COM components and .NET Framework managed code.

• Miscellaneous Development Tools (.NET Framework)
  Includes the following additional tools: SqlMetal Code Generation Tool and Windows Forms Class Viewer.