Digital Signing an App
Digital Signing an App
I have seen many post on this topic but no real answer. And yes this is not for a hack. I need my app to be signed so that Windows 7/8 don't pop up and tell the user that it is not digitally signed. Can someone point me in the right direction. Do I need Verisign, Microsoft or other tools to do this? Just a general how to guide. Where do I start?
Re: Digital Signing an App
You start by purchasing a code-signing certificate.
Then you use the Microsoft tools to sign the exe/dll after you build them.
Whichever vendor you use to purchase your certificate from will help you installing it on your system; using the microsoft tools is childsplay...
Then you use the Microsoft tools to sign the exe/dll after you build them.
Whichever vendor you use to purchase your certificate from will help you installing it on your system; using the microsoft tools is childsplay...
Re: Digital Signing an App
> so that Windows 7/8 don't pop up and tell the user that it is not digitally signed
Be aware that you'll still get a pop-up anyway, even with a signed executable.
It'll just have the name of the vendor though, instead of "Unknown". To newbies,
there's no difference: they both see a pop-up and wonder what it's all about.
Be aware that you'll still get a pop-up anyway, even with a signed executable.
It'll just have the name of the vendor though, instead of "Unknown". To newbies,
there's no difference: they both see a pop-up and wonder what it's all about.
I compile using 5.31 (x86) on Win 7 Ultimate (64-bit).
"PureBasic won't be object oriented, period" - Fred.
"PureBasic won't be object oriented, period" - Fred.
-
IdeasVacuum
- Always Here
- Posts: 6426
- Joined: Fri Oct 23, 2009 2:33 am
- Location: Wales, UK
- Contact:
Re: Digital Signing an App
What does it really get you? VeriSign were hacked last year (several times apparently) as were other significant suppliers in recent times, including this year. So how is that going to gain your customers' confidence - they won't know if your Certificate is genuine or not.
http://www.itpro.co.uk/638701/who-to-tr ... isign-hack
http://www.darkreading.com/attacks-brea ... /231600498
http://www.computerworld.com/s/article/ ... rtificates
http://www.eweek.com/security/bit9-hack ... n-malware/
The cost is a problem too. Digital Certificates are a major expense. An individual developer may not be able to afford the annual payments, but a consortium of hackers could raise the money to buy if they wished!
http://www.itpro.co.uk/638701/who-to-tr ... isign-hack
http://www.darkreading.com/attacks-brea ... /231600498
http://www.computerworld.com/s/article/ ... rtificates
http://www.eweek.com/security/bit9-hack ... n-malware/
The cost is a problem too. Digital Certificates are a major expense. An individual developer may not be able to afford the annual payments, but a consortium of hackers could raise the money to buy if they wished!
IdeasVacuum
If it sounds simple, you have not grasped the complexity.
If it sounds simple, you have not grasped the complexity.
Re: Digital Signing an App
Don't forget that Opera's cert was hacked, too:
http://www.pcmag.com/article2/0,2817,2421085,00.asp
So, is that version of Opera you downloaded the real deal, or malware?
Also, I tried to install an old app I had on my hard drive the other day,
and it REFUSED because the cert had expired. There's no new version
that provides the same functionality, so it being signed means I can
never use it again. Imagine if I had paid for that app!
I hate the whole concept of signing. It solves nothing, as shown.
http://www.pcmag.com/article2/0,2817,2421085,00.asp
So, is that version of Opera you downloaded the real deal, or malware?
Also, I tried to install an old app I had on my hard drive the other day,
and it REFUSED because the cert had expired. There's no new version
that provides the same functionality, so it being signed means I can
never use it again. Imagine if I had paid for that app!
I hate the whole concept of signing. It solves nothing, as shown.
I compile using 5.31 (x86) on Win 7 Ultimate (64-bit).
"PureBasic won't be object oriented, period" - Fred.
"PureBasic won't be object oriented, period" - Fred.