Thursday, August 16, 2012 2:58 PM
Alright, I know there are plenty of posts about this but I have yet to really find and/or understand what I am looking for so maybe you guys can help steer me in the right direction.
Previously, I was using Comodo's code signing certificates.
However, I am cheap, and I don't want to pay to renew them.
Therefore, How do I setup my own server to issue code signing certificates?
Obviously, Comodo and others do it, so why can't we? This would be interesting for people who want to charge others for certificates but in my case I just want to do it to sign my own applications which will be used by the public. I do know I probably don't understand the entire process from front to end so this is why I am asking you all.
Friday, August 17, 2012 8:54 AMModerator
Thank you for posting on this forum.
Here is a detailed documentation for your reference: http://msdn.microsoft.com/en-us/library/ms537361(v=vs.85).aspx
Them told that what and how.
Here, I want to retell it in short words: The code is mine, a very very unknown person, do you believe my code is safe? I think you don't believe me. Actually, my code is really safe. Let's take Comodo for example, so I buy a certificate from Comodo to sign my code. Now, people see this code is signed by Comodo's certificate, Comodo says it is safe, that we trust Comodo. This is why you cannot do it by yourself. We trust public organizations but personal thing.
I hope this will be helpful.
MSDN Community Support | Feedback to us
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
- Marked As Answer by Mike FengMicrosoft Contingent Staff, Moderator Thursday, September 06, 2012 3:00 AM
Saturday, August 18, 2012 7:13 PM
Technically you can create self-signed code signing certificates but only your computer will recognize them. The root certificate that Comodo signs from is distributed with Windows (and a lot of other platforms), so certificates issued by "real" CAs are automatically recognized. That's because the CAs follow a fairly strict set of guidelines to verify any publisher's identity, and back up their verification with real warranties.
If you're looking for a cheaper way to get Comodo certs, check here : http://codesigning.ksoftware.net