Code signing to help with Windows virus false positives
Brad Anderson via Digitalmars-d
digitalmars-d at puremagic.com
Mon Aug 15 10:05:32 PDT 2016
With all of the issues people are having with Windows Defender
now would be a good time to start code signing the Windows
installer and binaries (doing this is the first thing Microsoft
suggests on their page for Software Developers about Windows
Defender false positives).
I propose the D Foundation acquire a code signing certificate and
we start using it for releases. Alternatively any well known
organization member could be the signer (having "The D
Foundation" on the popup sure would look nice though). I'd be
happy to put my money where my mouth is and chip in some of the
money to cover the certificate cost.
I've used StartSSL's code signing certificates successfully for
this purpose but I imagine any vendor will do. The biggest hassle
is certificate format conversion but once you've got the
certificate in the Windows certificate store signing is just a
command line call that can be easily scripted.
There is already an issue created for this here:
https://issues.dlang.org/show_bug.cgi?id=16065
More information about the Digitalmars-d
mailing list