none
unknown publisher RRS feed

  • Question

  • I have a signed c# application but when running this application an issue concerning an unknown publisher always occurs. how do i correct this issue ?
    Monday, March 23, 2020 10:37 AM

All replies

  • Hello Rim ishak,

    How did you sign the application as there are several ways to sign a application.


    Please remember to mark the replies as answers if they help and unmarked them if they provide no help, this will help others who are looking for solutions to the same or similar problem. Contact via my Twitter (Karen Payne) or Facebook (Karen Payne) via my MSDN profile but will not answer coding question on either.

    NuGet BaseConnectionLibrary for database connections.

    StackOverFlow
    profile for Karen Payne on Stack Exchange

    Monday, March 23, 2020 1:30 PM
    Moderator
  • Hi Karen, 

    I signed the application with the sign tool. 

    Monday, March 23, 2020 2:14 PM
  • Hi Karen, 

    I signed the application with the sign tool. 

    Have you gone through the following?
    https://docs.microsoft.com/en-us/previous-versions/dotnet/articles/ms996418(v=msdn.10)?redirectedfrom=MSDN

    Please remember to mark the replies as answers if they help and unmarked them if they provide no help, this will help others who are looking for solutions to the same or similar problem. Contact via my Twitter (Karen Payne) or Facebook (Karen Payne) via my MSDN profile but will not answer coding question on either.

    NuGet BaseConnectionLibrary for database connections.

    StackOverFlow
    profile for Karen Payne on Stack Exchange

    Monday, March 23, 2020 4:26 PM
    Moderator
  • Check the certification authority that issued the certificate that you used for signing. If the authority is not trusted by the PC where you are deploying (use the Certificates snap-in for the MMC to check it), the publisher will be flagged as unknown.
    Monday, March 23, 2020 7:09 PM
    Moderator
  • Hi Rim ishak,
    Did you sign your application by creating a test certificate? If so, you can click the More Details in the Signing page.
    It will show the information shown in the picture below, you can click Install Certificate and follow the steps to install the certificate.If you use other certificate, you can configure your certificate in the Trusted Publishers certificate store on your computer.
    Please refer to the following steps:
    1.Open the Certificate Manager by typing certmgr.msc in the search box, and pressing Enter.
    2.Expand "Trusted Root Certification Authorities" in the left column.
    3.Select "Certificates" under it, and then click "Actions"-> "All Tasks"-> "Import" in the menu bar to open the certificate Import wizard.
    4.Choose your certificate.
    Best Regards,
    Daniel Zhang


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Tuesday, March 24, 2020 6:35 AM
  • Hi Daniel, 

    The installation of our software is supposed to be done by the end user. We do not control this kind of action. Why should we ask each end user to install the certificate in his or her machine? Shouldn't this be done automatically since we already have our software correctly signed using a certificate delivered by a certification authority. I do not understand the manual configuration requirement at this point. Is there any other solution ? 

    Best regards,

    Tuesday, March 24, 2020 12:58 PM
  •  we already have our software correctly signed using a certificate delivered by a certification authority

    The key is in the word "a". No, "a" certification authority is not sufficient. It has to be a "valid" certification authority. In this contest, the word "valid" means "something that Microsoft Windows considers valid". And the list of certification authorities accepted by Windows is the one that is contained in the "Trusted root certification authorities". If the certification authority that issued your certificate is in that list, then you don't have to do anything else, your software will be recognized automatically without any manual configuration steps. But if you bought your certificate from a certification authority that is not in the list, then you first have to add it to the list. Hence the manual configuration requirement.
    Tuesday, March 24, 2020 5:29 PM
    Moderator
  • Hello,

    We get certificates from GoDaddy and on the post build event for the installer run the following to sign.

    X:\Team\SomeApp\signtool.exe" sign /f "X:\Team\SomeApp\Codesign2018.pfx" /p SomePassWord /d "SomeApp - Some description" /t http://timestamp.verisign.com/scripts/timstamp.dll /v "SomeApp_Installer.msi

    This is coupled with the use of a Visual Studio extension https://wixtoolset.org/

    I don't have time to get into specifics as I'm at work with little time to respond to forum questions because of the current state of the world.

    Hopefully this is of some help.


    Please remember to mark the replies as answers if they help and unmarked them if they provide no help, this will help others who are looking for solutions to the same or similar problem. Contact via my Twitter (Karen Payne) or Facebook (Karen Payne) via my MSDN profile but will not answer coding question on either.

    NuGet BaseConnectionLibrary for database connections.

    StackOverFlow
    profile for Karen Payne on Stack Exchange

    Tuesday, March 24, 2020 5:59 PM
    Moderator
  • Hi Rim ishak,
    To change "unknown publisher" to an actualy publisher, you have to get a signing certificate from a trusted source, such as your network administrator or a valid certificate authority.
    As Alberto Poblacion said, the list of certificate authorities accepted by Windows is the one included in "Trusted Root Certification Authorities."
    If not, you have to configure it manually.
    Best Regards,
    Daniel Zhang


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Wednesday, March 25, 2020 3:27 AM
  • Hi Alberto, 

    I signed the application with .pfx , installed that .pfx in the "Trusted root certification authorities", runned the app but still the publisher  is set to unknown. Is the issue related to installing the .pfx? should i install .der instead? 

    Monday, March 30, 2020 3:14 PM
  • The .pfx should be fine, you don´t need a .der.

    But note that it si not *your* certificate the one that you have to install in the Trusted root certification authorities. The certificate that goes there is the one that contains the public key for the CA, not your own public key. The CA that issued the certificate should have some way to provide you with such certificate. Alternatively, if your certificate happens to contain the embedded certificates for the chain of trust, you could extract it from there. But this is not always the case.

    It may help if you mention here what certification authority you used, and what type of certificate you acquired. Maybe someone in the forum is familiar with them and can point you to how to get the root cert that you need.

    Monday, March 30, 2020 4:51 PM
    Moderator