A former community discussing the business of software, from the smallest shareware operation to Microsoft. A part of Joel on Software.
We're closed, folks!
Doug Nebeker ("Doug")
Im a close watcher of this forum,when i was going to ask you guys about this issue,i find a lot of recent similar posts.
The thing is i have a setup file,its currently unsigned.When i download it from the website and execute it,Windows 8 Does NOT show any specific warnings.Just the normal Uknown publisher thing.
Completed a new version with lots of bug fixes and improvements.I simply upload the exe file(program executable not setup ) to dropbox and tried downloading.Windows presented me with a big message in Blue plus
this chrome shows its not commonly downloaded,discard message.
Note that my current version does not have this issue at all.
Will packing into an installer fix this?
And will it help if i get a code signing certificate? Is there any free providers of code signing certificates?
And is the process tedious,im just an individual developer.
Comodo seems much on the economy side,i dont make much money.
Let me quote from my old blog post:
"If you remember what TUCOWS originally stood for, you have been in this industry for too long. Anyway, today’s Tucows has a special reseller deal with a major Certificate Authoity (CA) and sells their code signing certificates for $195 for three years. Just in case, the same 3-year certificate bought directly from that CA would cost you $500.
To get advantage of this offer, go to Tucows Author Resource Center at https://author.tucows.com/, register as an author (free), log in, and follow the “Code Signing Certificates” link in the sidebar."
Monday, February 02, 2015
The process of getting a code signing certicate can be very tedious and time consuming, so get a long duration one if you can. Actually using it to sign stuff can be painful as well. I find the following utility a massive help with this: https://www.briggsoft.com/signgui.htm
Signing your application will help with Windows 8. It won't help wit the Chrome not commonly downloaded issue. There are work arounds for this issue, such as hosting your downloads on Google Drive.
Saturday, February 07, 2015
I got a Comodo certificate from http://www.ksoftware.net/. It was pretty painless.
Signing is 2 extra lines in the .bat file I use to build the Windows versions of PerfectTablePlan and Hyper Plan. 1 line to sign the executable and 1 line to sign the installer.
signtool.exe sign /f <.pfx file> /p <password> /t http://timestamp.verisign.com/scripts/timstamp.dll <.exe file>
To check the signing:
chktrust.exe <.exe file>
That's it! signtool.exe is a free Microsoft tool. If it isn't already on your machine, the googles should tell you where you can find it.
It is more complicated on Mac:
You only need 1 certificate per company. Not 1 per app.
Note that (of course) Mac certs aren't accepted by Windows and vice versa.
Sunday, February 08, 2015
Also, not all valid certificates are recognised by Windows. IIRC you need a class 4 authenticode certificate whose root certificate is recognised by all the versions of Windows you want to target. You can use your website SSL certificate, but Windows won't recognise it. Comodo certificates are the cheapest authenticode certificates that work with all versions of Windows (as far as I know).
Sunday, February 08, 2015
This topic is archived. No further replies will be accepted.Other recent topics
Powered by FogBugz