
[Help Needed] Code Signing - Windows Defender & Browser Warnings

Open SlapBot opened this issue 5 years ago • 4 comments

In order to remove the Windows Defender warnings, the application release has to be code signed.

The documentation available at electron-builder suggests that in order to sign your app, you need a certificate and it has to be bought from one of the authorized vendors from Microsoft. They recommend the one from DigiCert, which costs around $699 a year.

Electron's official docs also touch on the matter with a similar suggestion:

Get a Windows Authenticode code signing certificate (requires an annual fee)

You can get a code signing certificate from a lot of resellers. Prices vary, so it may be worth your time to shop around. Popular resellers include: Digicert

I'm eagerly looking for some help around code signing this application without spending much money, considering it is supposed to be a completely open source app. If you have any experience around code signing Windows builds, kindly reply in the thread.

SlapBot avatar Jun 04 '20 05:06 SlapBot

BTW, there are some less expensive options about halfway down the page, here.

https://aboutssl.org/cheap-code-signing-certificate-providers/

tracker1 avatar Jun 14 '20 23:06 tracker1

Thanks for the link! Although I don't really want to spend money on an open source project, it's nonetheless better than what's currently available!

SlapBot avatar Jun 15 '20 07:06 SlapBot

I've personally never used them, but some googling landed me on a few posts mentioning Certum as a cheaper option for open source certs:

https://blog.aluxian.com/free-code-signing-certificate-for-open-source-software-d836270823a7

https://en.sklep.certum.pl/data-safety/code-signing-certificates/open-source-code-signing-1022.html

It looks like they're typically 25 euros a year, which isn't too bad, but unfortunately it also looks like you have to use a cryptographic smart card / reader, which you'd have to buy the first time.

m-sterspace avatar Jun 15 '20 22:06 m-sterspace

Ah, good solution for the long term, but need to buy certain things beforehand.

Btw, Certum used to provide free certs for open source projects, however it has been discontinued since 2016: https://stackoverflow.com/a/1177748/6303162

I've tried to document other similar CAs in the README under browser warnings tab with hyperlinks.

SlapBot avatar Jun 15 '20 22:06 SlapBot