Signing your Xojo App

Ok, in Windows, I created my app in Xojo, created a website to give people access to it, learned how to use Inno Setup to create an installation file, bought some space on Sync.com to host my installation files and everything was working great. I go to test on another computer and that’s when I learned about digital signatures. I’ve been doing a lot of reading on different tools (signtool, digicert, comodo, etc.). Some seem really expensive and some not so. They all seem very complex to me. Then there’s OV versus EV. I’m expecting a relatively low volume of downloads so I’m looking for the easiest most affordable method. I know this is a rather open ended question but I don’t want to recreate the wheel. What’s the easiest most affordable way you’ve discovered digitally certify a Xojo application? Your advice greatly appreciated!!!

hi
perhaps this video may help you
i wonder what happened to Byron since last year.

I wrote a blog post about this once:

Insights From an Indie Developer Regarding Code-Signing for Windows | Developer Blog

As time has worn on the post is showing age. I’ve had to remove my recommendation for a provider (I currently am looking for a new one) and due to changes in how OV certificates are issued my code signing software is now obsolete.

However, once you get the signtool from Microsoft you can have InnoSetup codesign while it builds the installer.

Very good information guys!! Thanks!! It seems like Comodo/Sectigo have the best certificate pricing. Any thoughts on their products? Also, your thoughts on code signing versus EV code signing? Is the extra cost for EV worth it or does the standard product suffice?

This is a good reminder I need to renew my now expired one. I used these folks before with no issues.

FYI, I signed up with K Software and they forwarded my request to Sectigo for processing. Gosh what a chore! I didn’t think this would be so much work to verify my information. I also found out that as soon as my LLC was created, I went on D&B and D&B is used by Sectigo to verify my information.

Well that was a surprise, went to finally renew my Windows code signing certificate, the days of $89/99 seem to have gone the way of the dodo. Seems to be ~$349 is now and requires a lot of hoops. If Apple can do it for $99!!!

May have to give that up!.