3

I am in a very tricky situation and I will attempt to explain it as well as I can. I will write my problem in concise numbered steps and at the end, I will boil this down to one or a few clear questions.

  1. I wrote a program in python. (no other languages used)

  2. I then used pyinstaller to convert this into a .exe so I could share it with my friends without them having to install python or any other external libraries.

  3. When my friends attempted to download this exe, their Windows Defender and other AntiViruses showed up and it wouldn't let them run the program.

  4. I did some research and learnt that my exe did not have a publisher added and therefore, Windows Defender prevented users from opening the file.

  5. To add a publisher I learnt that I needed to digitally sign this and make a certificate, so I installed a program called DigiCert, which could add a certificate to the exe.

This is the problem, I do not know how to make a code signed certificate for my program for free.

So to condense all of this down, my question/questions are:

A) Is the issue actually about the fact that my exe does not have a publisher?

B) If so, how do I create a code signed certificate to add one?

I hope you understand the problem, and I would appreciate any comments or responses.

Many thanks

Harman Punchi
  • 85
  • 2
  • 9
  • These certificates are not cheap and you usually get one if you have a registered company. There is no point in certificates if just about anyone get create certificates with any content from nothing and self sign them. So the first question is do you have a company? Do you really want to go through the lengths of buying certificates for your company? – Tin Nguyen Aug 14 '20 at 10:39
  • This is the thing... I want a cheap and affordable method of obtaining a certificate but I don’t want to go into all of the hassle and expense of buying a certificate for my company, do you have any idea of how much it might cost altogether? – Harman Punchi Aug 14 '20 at 10:41
  • My last figure was $400 a year. – Tin Nguyen Aug 14 '20 at 10:42
  • That’s too much for me! Surely there must be another way – Harman Punchi Aug 14 '20 at 10:42

1 Answers1

2

By default, the applications you create don't have a signed certificate. However, if you want to sign it, you need to have a valid signature. You can use official tools like signtool to sign your files.

Another way is to create a self-signed certificate and ask the user to install it; thus, your executables would be valid for the user's machine. Furthermore, you can automate the certificate installation in the installation wizard of your own application to rectify the certificate installation process.

P.S. The warning with Windows Defender can be bypassed sometimes. The main reason is that when creating an application with PyInstaller, it would use the default prebuilt bootloader, which may cause the warning. So try to rebuild the bootloader and recreate your application.

Masoud Rahimi
  • 5,785
  • 15
  • 39
  • 67