Remove Smart Screen warning from my application

Question

Hello Team,

We have developed an open source  application developed in hybrid arch using visual studio which is secured with the certificate of authenticity , but still we are getting Smart SCreen warning while running the installer. Can some one please guide us on how to fix the same ?

Regards,

Binu Kumar

---

Binu Kumar - MCP, MCITP, MCTS , MBA - IT , Director Aarbin Technology Pvt Ltd - Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Answer 1

Hi,

An Authenticode certificate may not be enough to establish reputation. And there are different kind of Authenticode certificates. The best are "Extended Validation (EV)" code signing certificates that "can immediately establish reputation with SmartScreen reputation services even if no prior reputation exists for that file or publisher"

See:

MS SmartScreen and Application Reputation
https://blog.digicert.com/ms-smartscreen-application-reputation/

Microsoft SmartScreen & Extended Validation (EV) Code Signing Certificates

https://blogs.msdn.microsoft.com/ie/2012/08/14/microsoft-smartscreen-extended-validation-ev-code-signing-certificates/

---

My portal and blog about VSX: http://www.visualstudioextensibility.com; Twitter: https://twitter.com/VSExtensibility; MZ-Tools productivity extension for Visual Studio: https://www.mztools.com

Answer 2

Thank you for the response Carlos, Will Code Signing SSL work ?

---

Binu Kumar - MCP, MCITP, MCTS , MBA - IT , Director Aarbin Technology Pvt Ltd - Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Answer 3

Hi,

No, certificates for code signing (setups) are different than certificates for SSL (web sites, https).

There are Extended Validation (EV) certificates in both cases.

---

My portal and blog about VSX: http://www.visualstudioextensibility.com; Twitter: https://twitter.com/VSExtensibility; MZ-Tools productivity extension for Visual Studio: https://www.mztools.com

Answer 4

I have :

Comodo Code Signing SSL

Comodo EV SSL

Which one will work ?

---

Binu Kumar - MCP, MCITP, MCTS , MBA - IT , Director Aarbin Technology Pvt Ltd - Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Answer 5

Comodo announced Code Signing certificates with Extended Validation (EV) on December 2016 to be available on January 2017:

https://www.comodo.com/news/press_releases/2016/12/worlds-largest-ca-comodo-announces-ev-code-signing-certificate-availability.html

But I don't see EV-code signing certificates on their store:

https://www.instantssl.com/code-signing-certificate.html

So if you want Comodo, contact them.

Other providers such as Digicert have:

1) Normal code signing certificates:

https://www.digicert.com/code-signing/code-signing.htm

2) EV code signing certificates:

https://www.digicert.com/code-signing/ev-code-signing.htm

Notice that no "SSL" is involved.

---

My portal and blog about VSX: http://www.visualstudioextensibility.com; Twitter: https://twitter.com/VSExtensibility; MZ-Tools productivity extension for Visual Studio: https://www.mztools.com

Answer 6

Currently, the standard Code Signing is not enough for avoid Smart Screen warning in the beginning. Only EV Code Signing can avoid avoid Smart Screen in the beginning. But, EV Code Signing need for a company but not individual. It's means if you are not a company M$ will blocking your software until 'We(M$) applied your software by somehow our some algorithms' even you buy a $200 standard code signing. But, even the standard for individual developer is not cheap right?

I have no idea why M$ so no friendly for individual developer or who individual want made money from it. Why not consider apple store? Buy a M$ developer license at year $99 and we will let the bored 'Smart Screen' warning away? Oh, sorry I forgot you are M$.