I'm trying to make an " msi " using cx_freeze. When I distribute it to users, it's showing unknown publisher.
How to get publisher certificates, How can I add it to cx_freeze?
Asked
Active
Viewed 1,664 times
1 Answers
3
You need to purchase a certificate from a certified vendor, like Verisign or Thawte. The certificate must be a code signing Microsoft Authenticode certificate.
Sign your binaries and the MSI with this certificate and your users will now see your company info in the UAC prompt from now on.
EDIT To sign the files you can use SignTool.exe
Bogdan Mitrache
- 10,536
- 19
- 34
-
how to sign my binaries? – gwthm.in Jul 22 '14 at 16:24
-
What I understand is, I need to sign binaries. But using python and cx_freeze it directly produces msi bundle. Can I add cert to msi bundle directly ? – gwthm.in Jul 23 '14 at 05:09
-
Yes, you can and you must sign the MSI too. That is the part that helps you get rid of the "Unknown publisher" message. I just recommended to also sign the binaries because its better to see that those are provided by you, for example for antiviruses. – Bogdan Mitrache Jul 23 '14 at 07:05
-
Thanks for the information you provided. Can I get certs for free? – gwthm.in Jul 24 '14 at 17:34
-
I'm afraid not (from what I know), all valid certificates are generated by companies that do this for a business (so they need to get money somehow :)). However, I recommend you research the offers very well, as the prices can vary quite a lot. [P.S. don't forget to mark the question as answered] – Bogdan Mitrache Jul 25 '14 at 06:25
-
2This still doesn't quite answer the question though. In order to build a msi file with cx_Freeze you must run: `python setup.py bdist_msi`. This builds both the binary .exe, and then the .msi, but as far as I can tell there are no ways to hook into the `bdist_msi` command to codesign the .exe before it builds the .msi. – micah Sep 04 '16 at 23:48