stackoom
  简体   繁体   中英

Package signing , and digital certificate

 原文  2016-02-29 15:23:00       c#/ packages/ .net-assembly/ digital-signature/ code-signing

Question

I Created a windows forms application using c# the output of the App is .exe , in the references of this project , I had added a reference of many dlls that this project needs all of them are Created by me.But these referenced dlls , some of them are using third parities Dll.

I packed the .exe and all referenced dll in an installer project using wix Toolset.

Note that the .exe and the installer has no strong names and not signed with key.

I upload this .msi result file into an intranet server , but when users download it from intranet it through google chrome , it gives a warning message like in fig1. Chrome warning

and when the user Double clicks the .msi file after downloading to start installation process , it activates windows smart screen . Smart screen warning

and while running the installer it displays User account control message with yellow banner as in fig3.[windows smart screen warning][3]

I made a lot of invistigations and i had find out that this is because my code is not digitally signed with digital certificate, actually i have no experience on this and i don't know if this is the true reason or what.

And do i need to make my .exe strongly signed by signing the assembly from signing tab of .net , I also have no experience about singing an executable package.

all what i need is that i don't want the user to feel like he is downloading and running something that is not trusted.

if the reason is that the package needs digital certificate , do i have to sgin the assembly with strong name to be able to sign it with digital certificate ?

1 answers

solution1
 0 ACCPTED  2016-03-02 06:58:05

Windows treats all application which are published by verified publisher as non-trusted application. If you want to make your application trusted by windows digitally sign your application.

  1. First buy Code-Signing-Certificate. lets say from Godaddy cheapest available ( https://in.godaddy.com/web-security/code-signing-certificate ). After buying certificate just follow procedure on godaddy to get your Certificate(.pfx) file.
  2. Install visual studio express
  3. Install InstallShield for generating .exe
  4. You can sign your output with the certificate by using installshield easily. Refer the screenshot for details. 在此处输入图片说明

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Deleting a digital signing certificate (.PFX file) Package signing is enabled but no thumbprint or certificate path is specified How to decode a JWT using C# JWT Package with Signing Certificate Digital Signature/Code Signing Question Invalid Digital Certificate Digital Certificate Issue Thumbprint for a signing certificate Signing Soap request with certificate .NetCore Signing Emails with Certificate Creating a Certificate Signing Request
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM