Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


J90



8 posts

Wannabe Geek
+1 received by user: 1


Topic # 222547 16-Aug-2017 23:30
Send private message

Do any developers out there have experience obtaining individual code sign digital certificates for use with Visual Studio?  What options, if any, are there for those in this part of the world?


Create new topic
157 posts

Master Geek
+1 received by user: 18


  Reply # 1847846 17-Aug-2017 03:25
Send private message

If you want to create a self-signed certificate for testing purposes the PowerShell tool New-SelfSignedCertificate may be useful.

 

 

 

Certificates and code signing are a bit of a riddle surrounded by a mystery, so good luck.


Will not stab you
219 posts

Master Geek
+1 received by user: 16

Subscriber

  Reply # 1847904 17-Aug-2017 08:30
Send private message

We authenticode sign our .NET assemblies using a cert from Thawte:

 

https://www.thawte.com/code-signing/?tid=a_box_buycs

 

 

 

Don't forget to time-stamp, not just sign.





Recursion: See recursion.
--
“It is important not to let the perfect become the enemy of the good, even when you can agree on what perfect is. Doubly so when you can't. As unpleasant as it is to be trapped by past mistakes, you can't make any progress by being afraid of your own shadow during design.”

     --Greg Hudson, Subversion developer

 
 
 
 


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1847934 17-Aug-2017 09:50
Send private message

ObidiahSlope:

 

If you want to create a self-signed certificate for testing purposes the PowerShell tool New-SelfSignedCertificate may be useful.

 

 

 

Certificates and code signing are a bit of a riddle surrounded by a mystery, so good luck.

 

 

Self-signed certificates for development purposes aren't the issue.  Perhaps I should have been more clear, I was referring to CA-issued certificates for publication of software.


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1847936 17-Aug-2017 09:59
Send private message

BuffyNZ:

 

We authenticode sign our .NET assemblies using a cert from Thawte:

 

https://www.thawte.com/code-signing/?tid=a_box_buycs

 

 

 

Don't forget to time-stamp, not just sign.

 

 

I had a look at Thawte awhile back, but unfortunately they are no longer an option.  As per a notice on the page you linked to:

 

Please note: All Thawte Code Signing Certificates for individuals have been placed in an End-Of-Sale status. Click here for more information.

 

 

 

There was an outfit called StartCom that seemed to be a popular option for individual code-sign certificates until they got busted last year for doing dodgy things.  Now reasonable options for individual certificates seem really difficult to find.  Setting up a company just to get an organisational code-sign certificate and publish software written by an individual developer seems like overkill, never mind the hassle and expense of doing so.


2813 posts

Uber Geek
+1 received by user: 1462

Subscriber

  Reply # 1847975 17-Aug-2017 11:18
Send private message

I've only ever ordered one for an organisation, but from what I can see, all the major CA's will only issue code signing certificates to organisations now. I suspect that's to stop malware authors obtaining them.





Information wants to be free. The Net interprets censorship as damage and routes around it.

 

Thinking about signing up to BigPipe? Get $20 credit with my referral link.


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1848000 17-Aug-2017 11:52
Send private message

Lias:

 

I've only ever ordered one for an organisation, but from what I can see, all the major CA's will only issue code signing certificates to organisations now. I suspect that's to stop malware authors obtaining them.

 

 

The ironic thing being, of course, that code-sign certificates were never meant to be about proving that signed software was safe, only that the named individual/organisation was the owner/author of it.  A bit like how (NZ) birth certificates have a statement on them warning they should not be used as proof of identity, yet they commonly are.


gzt

9150 posts

Uber Geek
+1 received by user: 1290


  Reply # 1848084 17-Aug-2017 14:37
Send private message

StartCom / Wosign is still issuing I believe.

Chrome will no longer validate certs from that CA due to reasons above.

Codesigning is a different application, but yeah trust issues perhaps.

Edit: forgot to mention that they seemed to think that Google will let them back in but that seems unlikely to me.

157 posts

Master Geek
+1 received by user: 18


  Reply # 1848117 17-Aug-2017 16:54
One person supports this post
Send private message

If you are coding for a customer using Windows Server the Domain Administrator should be able to provide you with a code signing cert that authenticates on computers in that domain.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Symantec selects Amazon Web Services to deliver cloud security
Posted 23-Nov-2017 10:40


New Zealand Ministry of Education chooses Unisys for cloud-based education resourcing management system
Posted 22-Nov-2017 22:00


Business analytics software powers profits for NZ wine producers
Posted 22-Nov-2017 21:52


Pyrios strikes up alliance with Microsoft integrator UC Logiq
Posted 22-Nov-2017 21:51


The New Zealand IT services ecosystem - it's all digital down here
Posted 22-Nov-2017 21:49


Volvo to supply tens of thousands of autonomous drive compatible cars to Uber
Posted 22-Nov-2017 21:46


From small to medium and beyond: Navigating the ERP battlefield
Posted 21-Nov-2017 21:12


Business owners: ERP software selection starts (and finishes) with you
Posted 21-Nov-2017 21:11


Why I'm not an early adopter
Posted 21-Nov-2017 10:39


Netatmo launches smart home products in New Zealand
Posted 20-Nov-2017 20:06


Huawei Mate 10: Punchy, long battery life, artificial intelligence
Posted 20-Nov-2017 16:30


Propel launch Disney Star Wars Laser Battle Drones
Posted 19-Nov-2017 21:26


UFB killer app: Speed
Posted 17-Nov-2017 17:01


The case for RSS — MacSparky
Posted 13-Nov-2017 14:35


WordPress and Indieweb: Take control of your online presence — 6:30 GridAKL Nov 30
Posted 11-Nov-2017 13:43



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.