Trusted Digital Certificate For Signing ??? TC2.4 Are all executables installed by application signed? RRS feed

  • Question

  • This is concerning the objective : [TC2.4 Are all executables installed by application signed?]


    The issue is that we now have our own in house Digital Certificate. We have used it to sign our installation files. When the Works With Tool  performs the testing for the above point, in order for it to pass, our Digital Certificate needs to be installed manually as a trusted Certificate on the test machine, otherwise it will not pass that test. This is because our in house Certificate is not accredited by any Certified Authority (CA) and not on Microsoft’s list of trusted sources.


    So our question is; Do we need to have a credited digital certificate for our file signing, or is our in house one sufficient?

    The nature of our software is that it is installed manually by our engineers in client sites and is not distributed freely in any untrustworthy mediums, so we don’t have a problem of our applications being trusted. Which is why we are apprehensive about buying a certified Digital Certificate just for this WindowsServer2008 Logo program.

    Monday, February 18, 2008 10:15 AM