15

I wrote an app and I want to sell it online, so I uploaded it to my website and tried to download and run it as a test, but a window appeared, it said : "The publisher could not be verified. Are you sure you want to run this software ?", and it also said : "Publisher : Unknown Publisher". It's actually a self-signed Java jar file wrapped into an exe file, I self-signed it with Netbeans6.7.

I wonder what should I do to be a "known" publisher ?

Frank

Frank
  • 30,590
  • 58
  • 161
  • 244

2 Answers2

12

You'll need to sign the EXE with a code signing certificate from a trusted root certification authority.

http://www.thawte.com/code-signing/

https://www.verisign.com/code-signing/

You'll find more CAs with a simple Google search.

Keep in mind, even though this is a Java JAR, the dialog you're seeing is from Windows complaining about the EXE being unsigned. You'll need a MS Authenticode signing certificate to sign the EXE. I'm not too familiar with Java, so you may or may not need a certificate to sign the JAR as well. (Note a self-signed certificate will never be recognized as fully Trusted and Valid on any computer other than your own.)

josh3736
  • 139,160
  • 33
  • 216
  • 263
3

You need to sign it with an approved signing certificate an example is at http://codesigning.ksoftware.net

Krzysztof Sakowski
  • 125
  • 1
  • 10
Romain Hippeau
  • 24,113
  • 5
  • 60
  • 79