Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

J90



8 posts

Wannabe Geek
+1 received by user: 1


Topic # 222547 16-Aug-2017 23:30
Send private message

Do any developers out there have experience obtaining individual code sign digital certificates for use with Visual Studio?  What options, if any, are there for those in this part of the world?


Create new topic
181 posts

Master Geek
+1 received by user: 26


  Reply # 1847846 17-Aug-2017 03:25
Send private message

If you want to create a self-signed certificate for testing purposes the PowerShell tool New-SelfSignedCertificate may be useful.

 

 

 

Certificates and code signing are a bit of a riddle surrounded by a mystery, so good luck.


Will not stab you
228 posts

Master Geek
+1 received by user: 17

Subscriber

  Reply # 1847904 17-Aug-2017 08:30
Send private message

We authenticode sign our .NET assemblies using a cert from Thawte:

 

https://www.thawte.com/code-signing/?tid=a_box_buycs

 

 

 

Don't forget to time-stamp, not just sign.





Recursion: See recursion.
--
“It is important not to let the perfect become the enemy of the good, even when you can agree on what perfect is. Doubly so when you can't. As unpleasant as it is to be trapped by past mistakes, you can't make any progress by being afraid of your own shadow during design.”

     --Greg Hudson, Subversion developer

J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1847934 17-Aug-2017 09:50
Send private message

ObidiahSlope:

 

If you want to create a self-signed certificate for testing purposes the PowerShell tool New-SelfSignedCertificate may be useful.

 

 

 

Certificates and code signing are a bit of a riddle surrounded by a mystery, so good luck.

 

 

Self-signed certificates for development purposes aren't the issue.  Perhaps I should have been more clear, I was referring to CA-issued certificates for publication of software.


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1847936 17-Aug-2017 09:59
Send private message

BuffyNZ:

 

We authenticode sign our .NET assemblies using a cert from Thawte:

 

https://www.thawte.com/code-signing/?tid=a_box_buycs

 

 

 

Don't forget to time-stamp, not just sign.

 

 

I had a look at Thawte awhile back, but unfortunately they are no longer an option.  As per a notice on the page you linked to:

 

Please note: All Thawte Code Signing Certificates for individuals have been placed in an End-Of-Sale status. Click here for more information.

 

 

 

There was an outfit called StartCom that seemed to be a popular option for individual code-sign certificates until they got busted last year for doing dodgy things.  Now reasonable options for individual certificates seem really difficult to find.  Setting up a company just to get an organisational code-sign certificate and publish software written by an individual developer seems like overkill, never mind the hassle and expense of doing so.


3132 posts

Uber Geek
+1 received by user: 1668

Subscriber

  Reply # 1847975 17-Aug-2017 11:18
Send private message

I've only ever ordered one for an organisation, but from what I can see, all the major CA's will only issue code signing certificates to organisations now. I suspect that's to stop malware authors obtaining them.





Information wants to be free. The Net interprets censorship as damage and routes around it.

 

Thinking about signing up to BigPipe? Get $20 credit with my referral link.


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1848000 17-Aug-2017 11:52
Send private message

Lias:

 

I've only ever ordered one for an organisation, but from what I can see, all the major CA's will only issue code signing certificates to organisations now. I suspect that's to stop malware authors obtaining them.

 

 

The ironic thing being, of course, that code-sign certificates were never meant to be about proving that signed software was safe, only that the named individual/organisation was the owner/author of it.  A bit like how (NZ) birth certificates have a statement on them warning they should not be used as proof of identity, yet they commonly are.


gzt

9830 posts

Uber Geek
+1 received by user: 1471


  Reply # 1848084 17-Aug-2017 14:37
Send private message

StartCom / Wosign is still issuing I believe.

Chrome will no longer validate certs from that CA due to reasons above.

Codesigning is a different application, but yeah trust issues perhaps.

Edit: forgot to mention that they seemed to think that Google will let them back in but that seems unlikely to me.

181 posts

Master Geek
+1 received by user: 26


  Reply # 1848117 17-Aug-2017 16:54
One person supports this post
Send private message

If you are coding for a customer using Windows Server the Domain Administrator should be able to provide you with a code signing cert that authenticates on computers in that domain.


Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34


Enable doubles fibre broadband speeds for its most popular wholesale service in Christchurch
Posted 2-Jun-2018 20:07


All or Nothing: New Zealand All Blacks arrives on Amazon Prime Video
Posted 2-Jun-2018 16:21


Innovation Grant, High Tech Awards and new USA office for Kiwi tech company SwipedOn
Posted 1-Jun-2018 20:54


Commerce Commission warns Apple for misleading consumers about their rights
Posted 30-May-2018 13:15


IBM leads Call for Code to use cloud, data, AI, blockchain for natural disaster relief
Posted 25-May-2018 14:12


New FUJIFILM X-T100 aims to do better job than smartphones
Posted 24-May-2018 20:17


Stuff takes 100% ownership of Stuff Fibre
Posted 24-May-2018 19:41



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.