Windows 8 Certificate Warning: We can't verify who created this file

Question

Despite successfully signing my C++ app on Windows 8 with signtool with a valid timestamp server and certificate, when I (local) or my users (remote) attempt to run the app, Windows displays the following message:

Open File - Security Warning We can't verify who created this file. Are you sure you want to run this file?

I am using signtool with a Comodo certificate and sign with options /f, /p, and /tr. I am confident that the signature is successful because it removes most of the runtime security warnings for my users.

'Security Warning' Dialog:

enter image description here

I am having a similar problem with my program that I wrote in java, if you found a fix can you let me know? — ItsRainingHP, Mar 22 '14 at 02:02

score 7 · Answer 1 · edited Mar 29 '22 at 23:44

It seems that Microsoft, in 2013, made a change to Windows such that executables opened from a network drive will ALWAYS give this warning, even if they are signed. Source (it is brought up in the comments section by Kraig Whiting): Everything you need to know about Authenticode Code Signing - IEInternals - MSDN Blogs (archive link)

It seems the only way to make this go away is to do what user4437298 suggested, which is to add the network drive as a trusted zone.

score 2 · Answer 2 · answered Jan 09 '15 at 14:56

2

Add your z:\ drive to trusted sites in internet explorer local intranet advanced options

answered Jan 09 '15 at 14:56

user4437298

21
2

Windows 8 Certificate Warning: We can't verify who created this file

2 Answers2