0

i builded an app running in console with Python. Then i made this app convert to exe. i wanna publish this app on the web. So i signed this app. But i see this problem:

This CA Root certificate is not trusted. Upload this certificate to the Trusted Root Certification Authorities store to be trusted.

From this warning i understand that i must my upload certificate to the Trusted Root Certification Authorities store. But i do not know it way.

My app certificate' s is:

https://www.digicert.com/support/tools/certificate-utility-for-windows

Who issued certificate:

http://127.0.0.1:5000/

Whom was issued certificate:

http://127.0.0.1:5000/

Signature algorithm:

sha256RSA

MattDMo
  • 100,794
  • 21
  • 241
  • 231
01yildizmustafa
  • 31
  • 5
  • Are you asking how to get your app signed by a certificate that any Windows computer trusts, or how to get it signed by a certificate that your computer trusts? Because those are different processes that take different amounts of time and $$$. – Nick ODell Sep 04 '22 at 18:40
  • 1
    1) What does this have to do with Python, or programming at all? 2) There's no way a certificate created for 127.0.0.1 will be published. Literally (and I mean literally) *every single host on the internet* is 127.0.0.1 to themselves. – MattDMo Sep 04 '22 at 18:40
  • @NickODell windows – 01yildizmustafa Sep 04 '22 at 18:43
  • @MattDMo i don't know these things so I'm here. So I'm asking you. i do not know way. if i know i do not ask. just i tried to explain as best i could – 01yildizmustafa Sep 04 '22 at 18:52
  • Does this answer your question? [Signing a Windows EXE file](https://stackoverflow.com/questions/252226/signing-a-windows-exe-file) – Nick ODell Sep 04 '22 at 21:20

1 Answers1

1

You're using self-signed certificate i.e. certificate is not issued from valid trusted Certificate Authority. If you want to publish the app for public, then you've to sign it by obtaining the certificate from valid trusted certificate authority (CA). In case, you want to manually share the app with the recipients, and they're aware of the possible risk factor then you can share the issuer certificates with them, and they've installed those into the windows trust store.

Just search for certmgr on windows and add the issuer certificates into Trusted Root Certification.

b.s
  • 2,409
  • 2
  • 16
  • 26
  • thank you. i want to publish my app for public. how to get my certificate from valid trusted certificate authority (CA)? i did the following: certmgr > personal > certificates > copy http://127.0.0.1:5000/ then certmgr > trusted root certificate authorities > certificates > paste then i see this: windows cannot verify that the certificate is indeed from http://127.0.0.1:5000/ . You should contact http://127.0.0.1:5000/ to confirm the source of the certificate. What i must do – 01yildizmustafa Sep 04 '22 at 19:53
  • You've to purchase it. Check code signing section from the site you've already mentioned in the question `https://www.digicert.com/order/order-1.php` – b.s Sep 05 '22 at 06:14