How to go about code signing, and authenticode?

Started by certforumz, September 24, 2015, 07:59:14 AM


certforumz

Steps to follow for code signing your .exe, .dll, and other files:

1. Ensure that you can identify yourself or your organization.
   For individuals, you need a photo proof like a driving license, and an address proof. You will also need to get your phone and email addresses verified.

2. The cheapest available is Tucows. They have an arrangement with Comodo.
   1 year Comodo Code Signing Certificate: $75.00
   2 year Comodo Code Signing Certificate: $140.00
   3 year Comodo Code Signing Certificate: $195.00

It is better to go for the 3 yr sign-up (if you can afford it), as the renewal process is said to be a little cumbersome.

3. Ensure that you order from the computer on which you install the certificate. Use the Firefox browser (preferably the latest version). Other browsers are also supported; check with the COMODO website. Note that you would be using the same computer and browser for signing the code.
Note: It is possible to export the certificate to another computer. But it's again cumbersome, and better to avoid, if possible.

4. Always use TIMESTAMPS in the signing process. If a timestamp is not specified, the signed code document becomes expired if the certificate expires. A TIMESTAMPED document is valid for an indefinite amount of time. It is valid even if the certificate expires.

You can sign any number of code documents with one certificate. The only restriction is that a certificate is bound to only one computer at any given time.

For more details, check out these URLs:

1. What is required for validation: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/253/16/

2. Buy code signing certificate at Tucows (they use Comodo, and you will be redirected there):
https://author.tucows.com/certs.php?sid=61850274c8dcd631e2b9e562c0fed859&account_id=293868&software_id=

3. Check out this link for a lot of info:
http://blogs.msdn.com/b/ieinternals/archive/2011/03/22/authenticode-code-signing-for-developers-for-file-downloads-building-smartscreen-application-reputation.aspx

Good luck!
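
The timestamping advice in step 4, as an added example that is not part of the original post: a PowerShell script that signs files with the installed certificate and then re-reads each signature to confirm a timestamp countersignature is actually present. The `$TimestampServer` value is an assumption; supply the timestamp URL published by your own CA.

```powershell
# Added example: sign with a timestamp, then verify the timestamp is really there.
param(
    [Parameter(Mandatory)] [string[]] $Path,            # files to sign (.exe, .dll, ...)
    [Parameter(Mandatory)] [string]   $TimestampServer  # assumption: your CA's timestamp URL
)

# Pick a code signing certificate from the current user's store that is
# inside its validity period and has its private key on this computer.
$now  = Get-Date
$cert = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert |
    Where-Object { $_.HasPrivateKey -and $_.NotBefore -le $now -and $_.NotAfter -gt $now } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1
if (-not $cert) { throw 'No usable code signing certificate in Cert:\CurrentUser\My' }

foreach ($file in $Path) {
    # Sign with SHA-256 and ask the timestamp server to countersign.
    $null = Set-AuthenticodeSignature -FilePath $file -Certificate $cert `
        -HashAlgorithm SHA256 -IncludeChain NotRoot -TimestampServer $TimestampServer

    # Re-read the signature from disk instead of trusting the signing call.
    $sig = Get-AuthenticodeSignature -FilePath $file
    [pscustomobject]@{
        File        = $file
        Status      = $sig.Status
        Signer      = $sig.SignerCertificate.Subject
        CertExpires = $sig.SignerCertificate.NotAfter
        Timestamped = [bool]$sig.TimeStamperCertificate
    }
    if ($sig.Status -ne 'Valid') {
        Write-Warning "$file : signature status is $($sig.Status): $($sig.StatusMessage)"
    } elseif (-not $sig.TimeStamperCertificate) {
        Write-Warning "$file : signed but NOT timestamped; validity ends when the certificate expires"
    }
}
```

Running the same `Get-AuthenticodeSignature` check over an existing release folder is a quick way to find binaries that were signed without a timestamp before the certificate runs out.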