A former community discussing the business of software, from the smallest shareware operation to Microsoft. A part of Joel on Software.
We're closed, folks!
Doug Nebeker ("Doug")
So I saved a couple of hundred $ last month by moving to Comodo (from DigiCert), and made a new release yesterday.
Now the dreaded SmarktScreen is back on W8, which I can only put down to the change in certificate. Worse still is that even if I sign the executable I'm still getting Unknown Publisher (in the past, we only signed the ClickOnce manifest, which is the usual practice for clickone deployments).
There apparently is some mechanism by which you can inform MS of a change in key and move some of your old app reputation - I have spent hours searching for a way to do this today, does anyone have any idea?
I despise MS for the way in which they have implemented this, and that even when you try and jump through every hoop they lay out for you, these issues still arise. Also add to the mix the idea that if people get used to just clicking "run anyway" because of so many false positives (if they can find the option under "more info"), then the whole idea falls apart anyway.
Anyway that was just a rant really, but if anyone has an email address to send this reputation transfer request to I'd be grateful.
Previously I was signing the setup.exe bootstrapper and the manifest, but not the installed executable itself. This has always been fine.
Since the update, I now get a smart screen warning when the actual executable is run (post install), and it says unknown publisher. I have tried signing this (in the .deploy stage), and if I right click this file I can see certificate info. Still says unknown publisher. When to sign the app exe might be an issue, I'm not sure. I tried signing after I had made the deployment, which I do with a third party tool post-obfuscation.
Just to confuse matters further, I don't actually deploy a new bootstrapper with each release as it is not (usually) required. The one I am still running now is signed with my old key, and does not throw a warning. I tried signing a new one with my new key and did get a warning.
I hate these sorts of problems - 5 hours of my day wasted with so much other work to do..
ps I desperately want to get away from ClickOnce as a deployment solution - I picked it when I was quite clueless about things, and thought the auto updates would be nice. It causes me a lot of grief - not least the laughable fact that you cannot even windows logo your clickonce application (true at least for W7) - mostly I think because their automatic tool was unable to detect CO installs. Another half day of my life wasted on that before I realised. Apparentyl a W7/8 logo helps with reputation for smartscreen as well.
Any suggestions for to painlessly transfer to another deployment method?
This topic is archived. No further replies will be accepted.Other recent topics
Powered by FogBugz