Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


J90



8 posts

Wannabe Geek
+1 received by user: 1


Topic # 222547 16-Aug-2017 23:30
Send private message

Do any developers out there have experience obtaining individual code sign digital certificates for use with Visual Studio?  What options, if any, are there for those in this part of the world?


Create new topic
162 posts

Master Geek
+1 received by user: 22


  Reply # 1847846 17-Aug-2017 03:25
Send private message

If you want to create a self-signed certificate for testing purposes the PowerShell tool New-SelfSignedCertificate may be useful.

 

 

 

Certificates and code signing are a bit of a riddle surrounded by a mystery, so good luck.


Will not stab you
222 posts

Master Geek
+1 received by user: 17

Subscriber

  Reply # 1847904 17-Aug-2017 08:30
Send private message

We authenticode sign our .NET assemblies using a cert from Thawte:

 

https://www.thawte.com/code-signing/?tid=a_box_buycs

 

 

 

Don't forget to time-stamp, not just sign.





Recursion: See recursion.
--
“It is important not to let the perfect become the enemy of the good, even when you can agree on what perfect is. Doubly so when you can't. As unpleasant as it is to be trapped by past mistakes, you can't make any progress by being afraid of your own shadow during design.”

     --Greg Hudson, Subversion developer

 
 
 
 


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1847934 17-Aug-2017 09:50
Send private message

ObidiahSlope:

 

If you want to create a self-signed certificate for testing purposes the PowerShell tool New-SelfSignedCertificate may be useful.

 

 

 

Certificates and code signing are a bit of a riddle surrounded by a mystery, so good luck.

 

 

Self-signed certificates for development purposes aren't the issue.  Perhaps I should have been more clear, I was referring to CA-issued certificates for publication of software.


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1847936 17-Aug-2017 09:59
Send private message

BuffyNZ:

 

We authenticode sign our .NET assemblies using a cert from Thawte:

 

https://www.thawte.com/code-signing/?tid=a_box_buycs

 

 

 

Don't forget to time-stamp, not just sign.

 

 

I had a look at Thawte awhile back, but unfortunately they are no longer an option.  As per a notice on the page you linked to:

 

Please note: All Thawte Code Signing Certificates for individuals have been placed in an End-Of-Sale status. Click here for more information.

 

 

 

There was an outfit called StartCom that seemed to be a popular option for individual code-sign certificates until they got busted last year for doing dodgy things.  Now reasonable options for individual certificates seem really difficult to find.  Setting up a company just to get an organisational code-sign certificate and publish software written by an individual developer seems like overkill, never mind the hassle and expense of doing so.


2946 posts

Uber Geek
+1 received by user: 1538

Subscriber

  Reply # 1847975 17-Aug-2017 11:18
Send private message

I've only ever ordered one for an organisation, but from what I can see, all the major CA's will only issue code signing certificates to organisations now. I suspect that's to stop malware authors obtaining them.





Information wants to be free. The Net interprets censorship as damage and routes around it.

 

Thinking about signing up to BigPipe? Get $20 credit with my referral link.


J90



8 posts

Wannabe Geek
+1 received by user: 1


  Reply # 1848000 17-Aug-2017 11:52
Send private message

Lias:

 

I've only ever ordered one for an organisation, but from what I can see, all the major CA's will only issue code signing certificates to organisations now. I suspect that's to stop malware authors obtaining them.

 

 

The ironic thing being, of course, that code-sign certificates were never meant to be about proving that signed software was safe, only that the named individual/organisation was the owner/author of it.  A bit like how (NZ) birth certificates have a statement on them warning they should not be used as proof of identity, yet they commonly are.


gzt

9399 posts

Uber Geek
+1 received by user: 1365


  Reply # 1848084 17-Aug-2017 14:37
Send private message

StartCom / Wosign is still issuing I believe.

Chrome will no longer validate certs from that CA due to reasons above.

Codesigning is a different application, but yeah trust issues perhaps.

Edit: forgot to mention that they seemed to think that Google will let them back in but that seems unlikely to me.

162 posts

Master Geek
+1 received by user: 22


  Reply # 1848117 17-Aug-2017 16:54
One person supports this post
Send private message

If you are coding for a customer using Windows Server the Domain Administrator should be able to provide you with a code signing cert that authenticates on computers in that domain.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Fujifilm X beats its best with new top of the range, high-performance camera
Posted 24-Feb-2018 14:05


One million kiwis affected by cybercrime
Posted 24-Feb-2018 13:58


New Zealanders want to engage with government online and via mobile apps
Posted 24-Feb-2018 13:56


Samsung launches Samsung Max
Posted 24-Feb-2018 13:52


CPTPP text and National Interest Analysis released for public scrutiny
Posted 21-Feb-2018 19:43


Foodstuffs to trial digitised shopping trolleys
Posted 21-Feb-2018 18:27


2018: The year of zero-login, smart cars & the biometrics of things
Posted 21-Feb-2018 18:25


Intel reimagines data centre storage with new 3D NAND SSDs
Posted 16-Feb-2018 15:21


Ground-breaking business programme begins in Hamilton
Posted 16-Feb-2018 10:18


Government to continue search for first Chief Technology Officer
Posted 12-Feb-2018 20:30


Time to take Appleā€™s iPad Pro seriously
Posted 12-Feb-2018 16:54


New Fujifilm X-A5 brings selfie features to mirrorless camera
Posted 9-Feb-2018 09:12


D-Link ANZ expands connected smart home with new HD Wi-Fi cameras
Posted 9-Feb-2018 09:01


Dragon Professional for Mac V6: Near perfect dictation
Posted 9-Feb-2018 08:26


OPPO announces R11s with claims to be the picture perfect smartphone
Posted 2-Feb-2018 13:28



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.