|
2020-05-31, 22:01
|
#1 |
|
If I May
"Chris Halsall"
Sep 2002
Barbados
2·5·941 Posts |
Windows help...
So, I didn't quite know where to put this...
I'm wondering if there's someone out there who can help me with something Windows related... I have an installer for a project I'm working on. The client runs on Windows 10, and does stuff. I was about to start Alpha testing with some friends and their families and employees. Everything was looking great -- installed and ran fine in my development environment. However, I've discovered that when the package is downloaded from a website (https, of course) Windows throws many warnings telling the user that the package is probably malware, and that they shouldn't install it. Until I pay the $ $ $ for my own Code Signing Cert, does anyone have such a cert they would be willing to sign my installer package with? I wouldn't need (nor want) your key itself. Instead, I would provide the EXE to sign. And this would only be for one or two alpha packages. By then I'll have my own key. I understand the reasoning behind this. But it's annoying that the entire development code-chain used is all Open Source, but I still can't deploy the code without forking out a GPU's worth of $ $ $ for a bit of math... |
|
|
|
2020-06-01, 22:17
|
#2 |
|
Undefined
"The unspeakable one"
Jun 2006
My evil lair
7·859 Posts |
If you downloaded the exe using a browser then the file will have an alternate stream that marks its source as external. Just delete the alternate stream.
|
|
|
|
2020-06-01, 22:26
|
#3 | |
|
If I May
"Chris Halsall"
Sep 2002
Barbados
223028 Posts |
Quote:
The plan in to have a dozen or so alpha testers. I don't want them scared away by warnings. |
|
|
|
|
|
2020-06-01, 22:37
|
#4 | |
|
Undefined
"The unspeakable one"
Jun 2006
My evil lair
7×859 Posts |
Quote:
|
|
|
|
|
|
2020-06-01, 22:54
|
#5 | |
|
If I May
"Chris Halsall"
Sep 2002
Barbados
2·5·941 Posts |
Quote:
I produced my installer at the command line (using NSIS). Tested it in my development environment. No warnings. SSH'ed it up to a server. Downloaded it by way of a browser (Chrome; HTTPS). At least three warnings, saying basically "This is likely malware; DON'T RUN THIS". Is there anyway *I*, as the developer, can do something such that the *user* doesn't experience this? Advise welcomed. |
|
|
|
|
|
2020-06-01, 23:25
|
#6 |
"Rashid Naimi"
Oct 2015
Remote to Here/There
111101111112 Posts |
Last fiddled with by a1call on 2020-06-01 at 23:29 |
|
|
|
|
2020-06-01, 23:57
|
#7 |
Mar 2003
7610 Posts |
I've been though this. You're going to need an EV code signing certificate otherwise Windows will continue to present dire warnings to everyone who downloads your app. There's no way around it. At first glance they're expensive but you can get discounts. PM me for details if you want.
|
|
|
|
|
2020-06-02, 03:01
|
#8 |
|
Undefined
"The unspeakable one"
Jun 2006
My evil lair
7·859 Posts |
Make it a zip file. Then the zip file gets the alternate stream identifying the Internet origin.
So now the user can extract the exe locally and run it without any warnings. BTW: I love that MS is extorting everyone into paying for a cert. 
Last fiddled with by retina on 2020-06-02 at 03:01 |
|
|
|
|
2020-06-15, 22:41
|
#9 | ||
|
If I May
"Chris Halsall"
Sep 2002
Barbados
2·5·941 Posts |
Quote:
Quote:
Just to share, I had forgotten what a pain-in-the-ass string parsing is in C. What was trivial to do in the Perl prototype is convoluted (to be polite) to implement in C... |
||
|
|
|
 |
| Thread Tools | |
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| how can I use GMP-ECM on Windows 7? | bbb120 | GMP-ECM | 9 | 2019-03-01 19:33 |
| How do I keep windows on top? | jasong | jasong | 0 | 2017-12-12 00:09 |
| Is it worth the trouble to "upgrade" Windows 8 to Windows 7? | ixfd64 | Lounge | 23 | 2013-04-13 11:12 |
| Windows 7 Windows Update & Prime95 issue!!! | Unregistered | Information & Answers | 14 | 2010-04-10 21:47 |
| New PC - x64 Windows | Prime95 | Software | 9 | 2005-09-24 03:56 |
