0

Before this gets marked as duplicate I have found answers at several sources (source 0, source 1, source 2) however all of them either use makecert.exe, signtool.exe, or fail to mention proper workflow of the New-SelfSignedCertificate command in PowerShell 4.

Could you describe the certificate signing process to an absolute novice?

The process should be free and understandable for someone who has nothing to work with but an executable they made and a domain (in my case purchased from Google Domains).

The end goal of this is to remove the "Unknown Publisher" warning from all of my applications that I have made for other people to use. Usually these are packaged by PyInstaller as single-file applications, however I plan to expand this to full installable applications with one main executable in the future.

UAC Example

The file that I will be testing this on is my Bonjour Installer that simply finds the iTunes installer from Apple's website, extracts only Bonjour, and runs only the installer for the system architecture.

I should also mention that I am doing this on Windows 10.

Jacob Birkett
  • 1,927
  • 3
  • 24
  • 49
  • This is literally a duplicate question. Attempt one of the methods then ask a specific question about specific problems that you have implementing that method. – EBGreen Feb 28 '18 at 20:53
  • @EBGreen This is a question asking for something different than the one I linked, did you see the disclaimer? I am asking what workflow should be used in my specific scenario, not just for the names of commands as given in the other post that both of us linked. – Jacob Birkett Feb 28 '18 at 20:56
  • That answer covers creating a cert and using that cert to sign code. That is the workflow for signing code. – EBGreen Feb 28 '18 at 21:00
  • Did you follow the steps listed there? – EBGreen Feb 28 '18 at 21:00
  • @EBGreen No, because the actual answer at all of these is deprecated. Not to mention, the docs linked in the first source results in a 404. How do I get `signtool`? I installed the SDK linked, and it doesn't appear anywhere on my hard drive. – Jacob Birkett Feb 28 '18 at 21:07
  • I would start with Powershell and Get-Help New-SelfSignedCertificate – EBGreen Feb 28 '18 at 21:15

0 Answers0