Michel, just a quick question, is signing an application on Windows fairly painless like it was for OSX? With some help here on the Forums, I was able to get everything (Apple certificates, XCode installed, App Wrapper, etc…) setup in pretty much one day fort he Mac. I’ve never signed any Windows apps in the past, but it is becoming a necessity nowadays. Is the process similar? Or has this possibly been spelled in another thread?
I believe it has been covered in the forum, but could not really remember where or when. With KSign, it is an extremely simple process. You get your signing certificate from a third party. Prices vary widely, but Comodo which is sold at KSoftware is I believe the best deal. $89 year, which is pretty much the same as Apple. It can climb up to $599 with Verisign but it will not do better for the regular signing.
Once you have your certificate, you extract the PFX file (KSoftware will tell you how to collect the certificate) from the computer you have used to order. For years I have been doing that on the Mac. Then under Windows, you use KSign to sign the EXE and the installer. It works very simply : select the files to add them into the list of files to sign and click a button. That’s it.
I know Bob Keeney and Christophe de Vocht are using the same solution, and probably several others. Today distributing unsigned software triggers the nasty equivalent of Gatekeeper which, under Windows 10, does exactly the same, namely refuses to launch the app. If you are serious about distributing software and want to minimize support request, you should sign your executables IMO.
Yes, for Windows I use KSign. It is very easy to use.
That said, the verification procedure can take a long time. In my case +1 week with several mails going up and down including a lot of personal documents (ID, Electricity bills, Driving license, … ) just to prove who you really are. Eventually, after one week they called me up to say my signing certificate was approved.
So be prepared to have some patience when buying a Windows signing certificate for the first time.
[quote=197519:@Christoph De Vocht]Yes, for Windows I use KSign. It is very easy to use.
That said, the verification procedure can take a long time. In my case +1 week with several mails going up and down including a lot of personal documents (ID, Electricity bills, Driving license, … ). Eventually, after one week they called me up to say my signing certificate was approved.
So be prepared to have some patience when buying this for the first time. :-)[/quote]
It cannot be worse than Verisign. They required all that, plus a certified copy of my passport, plus a signed contract attesting I was going to use their certificate for lawful purposes, signed by the same authority that certifies the passport copy. Then they frowned because the contract had been translated in French. At that point I wrote a very angry letter to their CEO with a copy to Microsoft and canceled the order. Soon after I noticed Microsoft had added Digicert to the possible sources for Authenticode.
Anyway, that was necessary to get listed in the Windows Store. Since soon Desktop apps should be accepted in that store without that requirement with the Bridge program, I will wait for that to resume work on my Windows project.
[quote]I already have a valid pfx certificate for my company
Could i use it for my desktop xojo application avoiding gatekeepeer problem?[/quote]
Not if you are on a Mac.
It has to be Apples way no or nothing.
developer subscription and certs.