Codesigning - Windows
-
Anyone got any info about this? I have a few customers who are getting the pop-up warning them about unsigned software and it's triggering support requests which I'd rather not have.
-
Ok, I will list you the order of events that I went through when trying to acquire a code-signing certificate:
- Bought a certificate for 60 bucks.
- The company denied handing out the certificate because I was an individual entity and not a company.
- They told me to make a business entry in any kind of "official" database (like the telephone book) to prove that I'm not a scammer (as if that would actually work LOL).
- I did so despite my concerns of data visiblility and privacy.
- Sent them the link to my profile
- They denied again because I made a "business account" on the telephone-book thingy internet page and since I ordered a "personal" certificate I have to create a "personal" account.
- I called the internet phone book company and asked them to switch the profile.
- They denied, saying that switching a profile will take about 2 years, however if I sign up for their "business pro" account, which costs 800€ / year, it will be done in a few hours.
- I told them they can stick their "dead horse head in the bed" extortion tactics somewhere else and hung up. Got so angry that I abandoned any further efforts (no amount of customer support mails saying "Just click on open anyways" can be more annoying that keeping up with these kind of people).
So now you think the story is over, but no:
- Two years later, the german agency that collects the license payment for publicly-funded media (GEZ) wrote me a letter saying that they found out I am running a company (most likely by running a script over the telephone book database thingie) and require me to register the office and pay additional license fees (although I'm working from home and my company is registered at my private address which is already covered by the private household fees).
- I ignored the letters as much as I could because it brought back PTSD style memories from the code-signing scam that I was trying to forget.
- At some point they called me, where I said "nope, working from home, go away", which miraculously worked
- Every two or three months I get a phone call from some marketing scam company because of that business entry.
TLDR: It's not worth it - if you're in another country or have a registered company that meets up their weird requirements as a sole-trading business will not cut it, it might work just well...
-
@d-healey i just bought a windows asus duo pc. with all that there are recent folds inside. I had a message of this style, that my plugin was surely something not verified and therefore dangerous. I simply cut my perfume and their crappy antivirus. and everything is ok. i really hope windows won't piss off like mac with their crappy certificate. sorry I had to evacuate ^^
-
Just Bundle The .dll Files, And Give The Choice To Your Customer, It Works For Me.
And Remember Windows People Are Not Mac Cutey Teenagers, They Do Hack Stuffs, And Know The Environment Of Windows Very Well...
So Copy & Pasting Dll Files Are More Welcome Here
-
@Christoph-Hart Which company did you buy the certificate from?
-
I'm using https://comodosslstore.com/
Dan Korneff - Producer / Mixer / Audio Nerd
-
@dustbro Ok so you buy a certificate - what next?
HISE Development for hire.
www.channelrobot.com -
Me trying to remember the company:
-
@Lindon Install the certificate on your machine (.p12 file), and then pass the private key to your code signing software.
I'm using Pace, so I add it to the command line wrap configuration with:--signid <your dsig ID>Dan Korneff - Producer / Mixer / Audio Nerd
-
@dustbro "Pace" --- shudder....;-)
-
The price is prohibitive, so maybe when I'm sure to earn enough I'll have a second thought...
-
@Christoph-Hart said in Codesigning - Windows:
Ok, I will list you the order of events that I went through when trying to acquire a code-signing certificate:
I'm at about step 6 here and I think I'm going to give up. Agreed, probably not worth it.
-
@Lunacy-Audio said in Codesigning - Windows:
@Christoph-Hart said in Codesigning - Windows:
Ok, I will list you the order of events that I went through when trying to acquire a code-signing certificate:
I'm at about step 6 here and I think I'm going to give up. Agreed, probably not worth it.
Yes definately. I can live without doing it and it's not worth it.
-
@dustbro have you actually paid for that extra smartscreen thingie? I found that to be particularly scammy as it's literally "Give me money or I will harass your customers for no reason".
The more I think about the subject the more I wonder why this is legally possible...
-
@Christoph-Hart said in Codesigning - Windows:
The more I think about the subject the more I wonder why this is legally possible...
Money makes anything legal...
-
Clearest instructions I've found so far https://www.ssl.com/how-to/using-your-code-signing-certificate/
Libre Wave - Freedom respecting instruments and effects
My Patreon - HISE tutorials
YouTube Channel - Public HISE tutorials -
@d-healey but it starts at list item #14 in my procedure ;)
-
@d-healey so then I should be able to use my Apple Developer Application Certificate - as I think this exports as a P12 file....
HISE Development for hire.
www.channelrobot.com -
@Lindon Nope that doesn't work. Apple is not a certified signing entity on Windows. Now why that is the case and why a bullshit company like Comodo should be anymore trustworthy than Apple, speaks volumes about the actual motives behind this.
https://stackoverflow.com/questions/12468783/code-sign-windows-programs-with-apple-certificate
-
@Christoph-Hart thanks - Yes the politics is pretty stinky.... hey ho...
