
Signed Windows Binaries

Open chris-morrell opened this issue 1 year ago • 3 comments

Enterprise malware scans flag black.exe and blackd.exe due to neither binary being signed. This can be checked/verified via AuthenticodeSignature baked into Windows:

Get-AuthenticodeSignature -FilePath black.exe


    Directory: ${super long directory}


SignerCertificate                         Status                                        Path
-----------------                         ------                                        ----
                                          NotSigned                                     black.exe

Can the distributed binaries be signed by a certificate from a recognized CA? It appears that there are some cheap CAs catering to open-source projects.

chris-morrell, Jun 08 '23 06:06
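The check from the post above, turned into a release gate that fails when either executable is not validly signed. This is an added example, not code from the issue or from the Black project; the `.\dist` directory and the parameter names are assumptions.

```powershell
# Added example: fail a release job unless the Windows executables carry a
# valid Authenticode signature.
# Assumption: the built executables are in .\dist (hypothetical path).
param(
    [string]$Directory = '.\dist',
    [string[]]$Names = @('black.exe', 'blackd.exe')
)

$failed = $false
$report = foreach ($name in $Names) {
    $path = Join-Path $Directory $name
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        Write-Warning "$name not found in $Directory"
        $failed = $true
        continue
    }

    $sig = Get-AuthenticodeSignature -FilePath $path

    # Status is 'Valid' only when the file hash matches the signature and the
    # certificate chains to a root trusted on this machine. NotSigned,
    # HashMismatch, NotTrusted and UnknownError all fail the gate.
    if ($sig.Status -ne 'Valid') {
        $failed = $true
    }
    elseif (-not $sig.TimeStamperCertificate) {
        # Without a timestamp the signature stops validating once the
        # signing certificate expires.
        Write-Warning "$name is signed but carries no timestamp"
    }

    [pscustomobject]@{
        File        = $name
        Status      = $sig.Status
        # SignerCertificate is $null for unsigned files, so these stay empty.
        Signer      = $sig.SignerCertificate.Subject
        CertExpires = $sig.SignerCertificate.NotAfter
        Timestamped = [bool]$sig.TimeStamperCertificate
        SHA256      = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
    }
}

$report | Format-Table -AutoSize
if ($failed) { exit 1 }
```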

Not many of us are Windows users. Are there any docs to sign our binaries via GitHub Actions?

cooperlees, Jun 09 '23 01:06

There seems to be a GitHub Action available for code signing: https://github.com/marketplace/actions/code-sign-a-file. It works on windows-2019 and can sign executables with a .pfx certificate.

rdrll, Jun 19 '23 02:06

Defender detected it as a trojan today.

bariod, Feb 28 '24 08:02