none
How to Sign Windows Application with Comodo Code Signing Cerificate

    Question

  • Hi,

    I have a valid Comodo Code Signing certificate, installed in my Personal Certificate store. I have selected that certificate within the "Sign the ClickOnce manifests" area of Project Properties/Signing. I am then able to build the solution, and the process appears to work. Yet upon install, I receive the familiar "unknown publisher" warning.

    I want to be able to sign the application, so that the download does not appear as potentially malicious, and so that upon install, the process is shown as trusted.

    I'm a little unclear as to what I actually need to do - is there a dummies guide anywhere which explains?

    I'm also not sure whether I should be checking the "Sign the Assembly" box - and have seen reference to using external signing routines as well.

    Thanks

    John


    Cheers, John

    Monday, November 30, 2015 8:10 PM

Answers

  • I think I've got a step closer... By using Signtool.exe, I am able to digitally sign my MSI file. The 'amber warning is now gone' when running the MSI from disk. Now I just need to work on getting Windows to look upon my code more kindly when downloaded! :)

    Cheers, John

    • Marked as answer by j_dublevay Wednesday, February 17, 2016 3:30 PM
    Monday, November 30, 2015 9:02 PM

All replies

  • I think I've got a step closer... By using Signtool.exe, I am able to digitally sign my MSI file. The 'amber warning is now gone' when running the MSI from disk. Now I just need to work on getting Windows to look upon my code more kindly when downloaded! :)

    Cheers, John

    • Marked as answer by j_dublevay Wednesday, February 17, 2016 3:30 PM
    Monday, November 30, 2015 9:02 PM
  • Hello John,

    Please have a check this guide post to add a proper thread title tag.

    It is a bit confused that what application you are developing, because from your post, it seems you have created a msi file for your project, while as far as I know, windows store app would generate a .appx file rather than a .msi file.

    If you are developing a windows platform application, as windows form, wpf with visual studio, I suggest you could ask it on the click once forum:

    https://social.msdn.microsoft.com/Forums/windows/en-US/home?forum=winformssetup

    Or the comodo-code-signing-cerificate official support forum should be also proper.

    Anyway, it seems you have already found a workaround for your issue. That is great, cheers.

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Wednesday, December 02, 2015 6:14 AM
  • Apologies, I have only just found this reply. I guess I was being old school in just saying "windows application" - i.e. a 32 or 64-bit windows application to run on a PC running Windows. I am not sure where I implied it was anything to do with Windows Store. Surely the 'Personal Certificate Store' is a standard term for the certificate store on a Windows PC?

    Also, not entirely sure why tagging the thread with VB etc would have helped, as it literally was about signing the executable. As you say, I found what I wanted anyway (and from what I can tell, it's the proper method - not a workaround?), so not really sure why your response was marked as the answer, when I'd already answered it myself?

    Anyway, thanks for responding. Sometimes I find it extremely difficult to know where to post questions, as the forum subjects are not always clear.

    John


    Cheers, John

    Wednesday, February 17, 2016 3:36 PM