1

I am creating a project and I did an installer for windows. When I click the installer, I encounter with a warning which is "that do you want to allow this app from unknown publisher to make changes to your device". Probably the reason of it security reasons. I do not want to see it when I install my program. How can I do it? Thanks

Latif Uluman
  • 257
  • 3
  • 13
  • 2
    You need to sign the MSI with a digital certificate. [Some information on Microsoft SmartScreen and digital certificates here](https://stackoverflow.com/q/50407893/129130). As far as I know you need an [EV-code signing certificate](https://en.wikipedia.org/wiki/Extended_Validation_Certificate). EV => "Extended Validation". – Stein Åsmul Sep 25 '20 at 17:18
  • 1
    [Here is one more link](https://stackoverflow.com/questions/51204163/installshield-custom-dialogue-installer), please check it. – Stein Åsmul Sep 25 '20 at 17:25
  • @SteinÅsmul I had get a certificate and I signed my executable with this certificate. Now, when I try to install my app, I see myselft as publisher instead of unknown. Thank you so much. – Latif Uluman Sep 27 '20 at 18:58
  • Great, I added the answer below so you can accept it - for others who see this. – Stein Åsmul Sep 27 '20 at 19:01

1 Answers1

1

You need to sign the MSI with a digital certificate. Some information on Microsoft SmartScreen and digital certificates here.

As far as I know you need an EV-code signing certificate. EV => "Extended Validation".

Signing Process: Odd 'Program name' when installing signed msi installer

signtool.exe /d "Your Software Name"

Many MSI tools incorporate this process inside their tools's GUI (it happens auto-magically when you point to the certificate).

Actual command line used by Latif Uluman (from comments):

signtool sign /debug /fd SHA256 /tr timestamp.globalsign.com/scripts/timstamp.dll /f certificatepath /p certificateprivatekey executablepath

Links:

Stein Åsmul
  • 39,960
  • 25
  • 91
  • 164
  • I followed the method of @Stein. Additionally I added some extra options. The final command of me is: signtool sign /debug /fd SHA256 /tr http://timestamp.globalsign.com/scripts/timstamp.dll /f certificatepath /p certificateprivatekey executablepath – Latif Uluman Sep 27 '20 at 20:15
  • 1
    Great, I updated the answer. Thanks for taking the time to add that detail. – Stein Åsmul Sep 27 '20 at 20:51