Hello, this blog is part 10 of the series ‘The Octyx 2016 Story’. See for the overview (part 1), full background and a list all related blogs the link here.
This specific blog describes in more detail how I ‘code-sign’ my Octyx application.
What means ‘code-signing’ ? According to Wikipedia, signing, or code signing, is the process of digitally signing executables and scripts to confirm that my small company is indeed the correct software author. Besides it gives a guarantee that the code has not been changed since it was signed by me.
So how does this work ? First of all you have to get a certificate (like in the old world, someone who can confirm it is you asking for some document). There are various companies in the world who offer (meaning sell) such certificates. The best known are, between others, companies like VeriSign or DigiCert.
They check your company data and ensure that my company really exist. Then then will send a link to download a certificate which I had to install on my development PC’s. Such certificates have always a begin and end date. The more longer time you wish, the more expensive it is.
After having installed such certificates on your browser(s), I did an export to have this a specific file into a working directory.
With the ‘sign tool.exe’ file from Microsoft it is then easy to sign the various applications. After signing, when clicking right on properties, you should see the below information on the certificates..
I do the code signing for all my applications, including the official installation file to ensure that anti-virus tools accept the download in an easy way. And it gives an extra security to my Octyx users.
Enjoy the Octyx blogs, and take care. Go back here to the overview. Octyx manages your life!
Bas Eshuis, Belgium.
April 30, 2016