1. TortoiseHg
  2. TortoiseHg
  3. hgtk
Issue #280 resolved

Installer should have digital signature

Peer Sommerlund
created an issue

The installer and uninstaller should have a digital signature, to avoid a security warning from Windows.

Ask Inno to sign uninstaller. See Inno Documentation [Setup] SignedUninstaller

A tool to sign the installers, like signcode or signtool http://www.google.dk/search?q=signcode.exe

A signature, for example a self-signed certificate. http://www.google.dk/search?q=makecert.exe

Comments (9)

  1. Adrian Buehlmann

    Yeah, would be nice to have. But I thought a self signed certificate should only be used for testing purposes?

    Unfortunatley, real certificates are quite costly (I once bought some at work, but we stopped doing so due to the cost). It would be really nice if there would be a CA that sponsors and supports open source projects (usually, you have to provide corporate documents as proof -- not really a good fit for peer driven projects).

    Without a proper certificate, signing probably isn't really worth the trouble. I wouldn't be surprised if Windows would moan on self signed certificates thoroughly anyway (I haven't checked and can't remember what it did back when I tried last time).

    Peer, do you know how Windows reacts on self signed certs these days? Is it any better than not signing at all?

    What are other open source projects doing with regards to signing? Can we learn from others :) ?

  2. Peer Sommerlund reporter

    I just tested TortoiseCVS and TortoiseSVN and neither have a certificate.

    Open Office has a signature by Sun, but I still get a warning (a yellow sign instead of a red sign).

    Conclusion: We can probably do without signing.

  3. Log in to comment