It's that time again (code signing certificates)

As I said in a previous, post code signing annoys me these years like as networks did many years ago. I've just had to renew my Comodo code signing certificate, and as usual K-Software (a Comodo reseller) made it as painless as possible. 

The process has not changed, but the graphical interface of Firefox has. So for my own future self and for others in my position now here's how it is done.

Once you have ordered the certificate from K-Software, and they have worked their magic in the case of any hiccups with Comodo, your'll get an email from Comodo, something like this:


Click on the link in the email and  the next thing you'll see is a web page on the Comodo site which asks you to enter your collection code. If all has worked well the collection code will appear in the web page automatically:


Click on the Collect Certificate button and the next screen you see should be like this:





The phrase about backing up the private key is a bit misleading if you intend to use the certificate to digitally sign your executable file. "Backing up" the certificate actually creates the file you'll use to do the code signing. So it is not really just a backup, it is central to the reason I bought the certificate.

You can see the certificate you have just collected by doing this (in FireFox):



And then selecting the certificate you want to view as shown below. Note that you can assure yourself that it is a SHA256 certificate by going into the details tab, also shown below.


 Remember that you save the pfx/p12 file by "backing it up" as shown below:
So if you've managed to save the file you can now use it to sign your executable programs.

And it does not guarantee anything to the person downloading your file, it only gets rid of the big red warning message when they download it. But that warning message could mean a lost sale...






Comments

Post a Comment

Popular posts from this blog

3D printers – about time I got one eh?

Image
Since I've been selling a 3D printer program ( PhotoToMesh ), since 2010, more than 4 years ago, I thought it might be time to get hold of a 3D printer myself, instead of relying on indulgent friends and beta testers. Here in Italy it was cheaper to by from a local distributor than Amazon.it, since if the distributor has a shop nearby, you can save 50 Euros on delivery by going to pick it up yourself. So it cost 599 Euros for my XYZPrinting DaVinci 1 3D Printer. Foolishly I had not thought to read the measurements of it, and when I saw the box in the shop I thought: Ah, what do I do now? I had to push down the back the seats of my little Kalos car to get the box to fit in it. I found a place for it at home, but with difficulty. Now when I buy things that cost that much I always feel a bit sick in my stomach. Am I doing the right thing? Will it work? Is it a waste of money? I decided to set it up the following morning, when I'd be bright and intelligent. Ok, stop smi
Read more

How I don't learn from experience

Image
On the morning of last day of the year I fixed a friend's audio amplifier, a Luxman L30. The right channel had gone. We'd bought the replacement transistors on E-Bay. They arrived on the 30th. I'd previously looked inside the amplifier and thought "buggar me this is going to be awkward. I'm going to have to desolder four heavy duty power duty transistors just to get at the circuit board." But I'd said I'd do it and thought I'd better have a go. I was slightly worried about the job and it even disturbed my sleep. In the holiday morning though I uncharacteristically decided to stop watching TV and get on with it. I found the solution, did the job, and got the amplifier working again. (See the end of this blog entry for details). I was so happy when I heard music coming out of both speakers. The evening of last day of the year. The food was nice, the wine was fine, the company pleasant, but after the first hour I was bored o
Read more