Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


J90



8 posts

Wannabe Geek
+1 received by user: 1


Topic # 222547 16-Aug-2017 23:30
Send private message quote this post

Do any developers out there have experience obtaining individual code sign digital certificates for use with Visual Studio?  What options, if any, are there for those in this part of the world?


Create new topic
156 posts

Master Geek
+1 received by user: 18


  Reply # 1847846 17-Aug-2017 03:25
Send private message quote this post

If you want to create a self-signed certificate for testing purposes the PowerShell tool New-SelfSignedCertificate may be useful.

 

 

 

Certificates and code signing are a bit of a riddle surrounded by a mystery, so good luck.


Will not stab you
218 posts

Master Geek
+1 received by user: 15

Subscriber

  Reply # 1847904 17-Aug-2017 08:30
Send private message quote this post

We authenticode sign our .NET assemblies using a cert from Thawte:

 

https://www.thawte.com/code-signing/?tid=a_box_buycs

 

 

 

Don't forget to time-stamp, not just sign.





Recursion: See recursion.
--
“It is important not to let the perfect become the enemy of the good, even when you can agree on what perfect is. Doubly so when you can't. As unpleasant as it is to be trapped by past mistakes, you can't make any progress by being afraid of your own shadow during design.”

     --Greg Hudson, Subversion developer

 
 
 
 


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1847934 17-Aug-2017 09:50
Send private message quote this post

ObidiahSlope:

 

If you want to create a self-signed certificate for testing purposes the PowerShell tool New-SelfSignedCertificate may be useful.

 

 

 

Certificates and code signing are a bit of a riddle surrounded by a mystery, so good luck.

 

 

Self-signed certificates for development purposes aren't the issue.  Perhaps I should have been more clear, I was referring to CA-issued certificates for publication of software.


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1847936 17-Aug-2017 09:59
Send private message quote this post

BuffyNZ:

 

We authenticode sign our .NET assemblies using a cert from Thawte:

 

https://www.thawte.com/code-signing/?tid=a_box_buycs

 

 

 

Don't forget to time-stamp, not just sign.

 

 

I had a look at Thawte awhile back, but unfortunately they are no longer an option.  As per a notice on the page you linked to:

 

Please note: All Thawte Code Signing Certificates for individuals have been placed in an End-Of-Sale status. Click here for more information.

 

 

 

There was an outfit called StartCom that seemed to be a popular option for individual code-sign certificates until they got busted last year for doing dodgy things.  Now reasonable options for individual certificates seem really difficult to find.  Setting up a company just to get an organisational code-sign certificate and publish software written by an individual developer seems like overkill, never mind the hassle and expense of doing so.


2741 posts

Uber Geek
+1 received by user: 1408

Subscriber

  Reply # 1847975 17-Aug-2017 11:18
Send private message quote this post

I've only ever ordered one for an organisation, but from what I can see, all the major CA's will only issue code signing certificates to organisations now. I suspect that's to stop malware authors obtaining them.





Information wants to be free. The Net interprets censorship as damage and routes around it.

 

Thinking about signing up to BigPipe? Get $20 credit with my referral link.


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1848000 17-Aug-2017 11:52
Send private message quote this post

Lias:

 

I've only ever ordered one for an organisation, but from what I can see, all the major CA's will only issue code signing certificates to organisations now. I suspect that's to stop malware authors obtaining them.

 

 

The ironic thing being, of course, that code-sign certificates were never meant to be about proving that signed software was safe, only that the named individual/organisation was the owner/author of it.  A bit like how (NZ) birth certificates have a statement on them warning they should not be used as proof of identity, yet they commonly are.


gzt

9024 posts

Uber Geek
+1 received by user: 1237


  Reply # 1848084 17-Aug-2017 14:37
Send private message quote this post

StartCom / Wosign is still issuing I believe.

Chrome will no longer validate certs from that CA due to reasons above.

Codesigning is a different application, but yeah trust issues perhaps.

Edit: forgot to mention that they seemed to think that Google will let them back in but that seems unlikely to me.

156 posts

Master Geek
+1 received by user: 18


  Reply # 1848117 17-Aug-2017 16:54
One person supports this post
Send private message quote this post

If you are coding for a customer using Windows Server the Domain Administrator should be able to provide you with a code signing cert that authenticates on computers in that domain.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Intel unveils the 8th Gen Intel Core Processor family for desktop
Posted 25-Sep-2017 19:45


Chow brothers plan to invest NZ$100 million in technology
Posted 24-Sep-2017 16:24


Symantec protects data everywhere with Information Centric Security
Posted 21-Sep-2017 15:33


FUJIFILM introduces X-E3 mirrorless camera with wireless connectivity
Posted 18-Sep-2017 13:53


Vodafone announces new plans with bigger data bundles
Posted 15-Sep-2017 10:51


Skinny launches phone with support for te reo Maori
Posted 14-Sep-2017 08:39


If Vodafone dropping mail worries you, you’re doing online wrong
Posted 11-Sep-2017 13:54


Vodafone New Zealand deploy live 400 gigabit system
Posted 11-Sep-2017 11:07


OPPO camera phones now available at PB Tech
Posted 11-Sep-2017 09:56


Norton Wi-Fi Privacy — Easy, flawed VPN
Posted 11-Sep-2017 09:48


Lenovo reveals new ThinkPad A Series
Posted 8-Sep-2017 14:37


Huawei passes Apple for the first time to capture the second spot globally
Posted 8-Sep-2017 10:45


Vodafone initiative enhances te reo Maori pronunciation on Google Maps
Posted 8-Sep-2017 10:40


Voyager Internet expand local internet phone services company with Conversant acquisition
Posted 6-Sep-2017 18:27


NOW Expands in to Tauranga
Posted 5-Sep-2017 18:16



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.