[Interest] Qt Install Framework - Becoming a Microsoft Known Publisher
Nuno Santos
nunosantos at imaginando.pt
Tue Oct 9 17:58:23 CEST 2018
Elvis,
That’s interesting! Thanks for sharing that info.
The price is considerably different!
I personally think this is a anual robbery! :D
Best,
Nuno
> On 9 Oct 2018, at 16:54, Elvis Stansvik <elvstone at gmail.com> wrote:
>
> Den tis 9 okt. 2018 17:29Nuno Santos <nunosantos at imaginando.pt <mailto:nunosantos at imaginando.pt>> skrev:
> Christopher,
>
> In order to have Microsoft’s SmartScreen saying your company name, you need to buy a EV certificate:
>
> Let me add that it's not strictly necessary to use an EV certificate to get rid of SmartScreen. It's possible with a "regular" certificate as well, it just takes some time for the cert signature to become whitelisted at Microsoft (they track user installs).
>
> We use a regular (cheaper) code signing cert from Digicert. For a while, users running our installer would still get a SmartScreen warning, but as the number of installs grew, at some point the warning disappeared due to whitelisting.
>
> An EV certificate would establish trust faster, and I think the rules behind the whitelisting is rather undocumented.
>
> HTH,
> Elvis
>
>
> https://www.globalsign.com/en/code-signing-certificate/ev-code-signing-certificates/ <https://www.globalsign.com/en/code-signing-certificate/ev-code-signing-certificates/>
>
> It costs around 300 euros a year.
>
> There are several providers for this. Globalsign is just one. Then you will receive a usb dongle with your certificate (GlobalSign sends a USB dongle).
>
> When you have it, you need to configure it. The provider tells you what to do.
>
> After that you need to invoke a command like this:
>
>
> signtool.exe sign /a /tr http://rfc3161timestamp.globalsign.com/advanced <http://rfc3161timestamp.globalsign.com/advanced> /td SHA256 EXE_TO_SIGN
>
>
> Best,
>
> Nuno
>
>> On 9 Oct 2018, at 16:20, Christopher Probst <christop.probst at gmail.com <mailto:christop.probst at gmail.com>> wrote:
>>
>> Thank-you Nils for your reply.
>>
>> I think signing your installer should solve this. "Trust" can be bought
>> with the certificate.
>>
>>
>> Please forgive my ignorance, but how does one sign an application with Microsoft? The documentation online seems unnecessary complex for something that should be routine. Any help is appreciated.
>>
>> Thanks,
>> Christopher
>> _______________________________________________
>> Interest mailing list
>> Interest at qt-project.org <mailto:Interest at qt-project.org>
>> http://lists.qt-project.org/mailman/listinfo/interest <http://lists.qt-project.org/mailman/listinfo/interest>
>
> _______________________________________________
> Interest mailing list
> Interest at qt-project.org <mailto:Interest at qt-project.org>
> http://lists.qt-project.org/mailman/listinfo/interest <http://lists.qt-project.org/mailman/listinfo/interest>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.qt-project.org/pipermail/interest/attachments/20181009/030b3cb8/attachment.html>
More information about the Interest
mailing list