code-signing

Invalid iPhone Application Binary

I'm trying to upload an application to the iPhone App Store, but I get this error message from iTunes Connect: The binary you uploaded was invalid. The signature was invalid, or it was not signed with an Apple submission certificate. My guess is that it is not properly signed. I have downloaded my App Store distribution certficate...

Java Code Signing Certificates...same as SSL Certificate?

I'm looking around for a Java Code Signing certificate so my Java applets don't throw up such scary security warnings. However all the places I've found offering them charge (in my opinion) way too much, like over $200 per year. While doing research, a code signing certificate seems almost exactly the same as a SSL certificate. The mai...

How do I create a self-signed certificate for code signing on Windows?

How do I create a self-signed certificate for code signing using tools from the SDK? ...

How do you sign your Firefox extensions?

I have developed a couple of extensions for Firefox, and am annoyed that it is so hard to get the extension signed. When an extension isn't signed, it says "Author not verified" when it is installed, and to me that just looks wrong. I have a simple build script that builds my .xpi file from sources, and I have a licenced copy of PKZip ...

Cheapest Java Code Signing Certificate? (not self-signed)

Does anyone know where I can get an inexpensive Java code signing certificate? Everywhere I look wants $200 to $300 per year! Unfortunately I cannot use a self-signed one, I'm trying to get rid of the scary warnings so that users will be more likely to accept my application. And as far as I know (per this question), it has to be a code s...

Only creating a COM object if the DLL that implements it is signed?

We've got some code that uses LoadLibrary and GetProcAddress to implement a plugin architecture for one of our products. We ensure that the DLL about to be loaded is signed with our code-signing key. We're changing the plugin architecture to use COM instead. Is there a way to enforce code-signing (preferably with our certificate) when i...

What is special about a code signing certificate?

Is it different from any other certificate I can generate via makecert or buy from some authority? ...

Assembly "is not signed correctly." Warning

I have a mobile .NET solution and decided to sign the assemblies. Compilation completes without errors but gives the warning 'CompactUI.Business.PocketPC.asmmeta, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' is not signed correctly. The application is working fine but I can't open the designer for forms using this assembly an...

Code Signing Certificate Options

I've been assigned the task of buying a digital certificate for my company to sign our code. We develop applications in the Microsoft space - mostly WPF or Web Based. I've investigated options and found Comodo to be well priced and responsive, and we're ready to go ahead and purchase a cert through them.. however in the signup form ther...

Signing a Windows application given a .SPC file?

My client wants to sign the application code. He gave me an .spc file for signing a .NET desktop application. How should I use it within the app? Thanks ...

How do I build deployment project without un-signing my assemblies?

I'm not very experienced with builds - this may be really easy! I have a simple application with a simple deployment project. I went to the directory where the release-compiled versions of the DLLs are, signed all of them (verisign), and then went to the deployment project, chose Build (not REbuild), and it recompiled all my assemblies...

What happens when a code signing certificate expires?

I am considering purchasing a code signing certificate from VeriSign or Thawte to sign an XBAP with. My question is this: What happens when that certificate expires? $299 and $599 are pretty hefty prices for 1-year/2-year cerificates, and if I have to deliver a newly signed build to my customers whenever my certificate expires, then I'll...

Can I remove a digital signature from a DLL?

My installer build "signs" a DLL using a Code Signing certificate during the build process. I've noticed that if I try to build twice in succession, the second build fails because the DLL is already signed so signcode chokes. Obviously I can fix this by signing a copy of the DLL in the build, but the problem intrigued me: Is it possi...

What is needed to setup a (personal) executable/code timestamp service?

We are using verisign's time stamp service currently, but every so often the time stamp server becomes unavailable - mostly due to our ISP failing. We now timestamp everything we build, even simple dev builds as we had a lot of trouble with Vista not running the unsigned/unstamped files properly. Can we setup a time stamp service to do...

Can you create per-user project settings in Xcode?

I'm collaborating on an iPhone application, with the project files (.xcodeproj directory) checked into source control. One important setting is the "Code Signing Identity", which specifies the certificates to use to sign the application in order that it can run on the iPhone. Each developer on the project has his own Code Signing Ident...

Xcode: iPhone app codesign error

When building a new iPhone app in Xcode, I'm getting this error: codesign error: code signing identity 'iphone developer' does not match any code-signing certificate in your keychain. once added to the keychain, touch a file or clean the project to continue. What's the fix? ...

Strong Name Validation Failed

Two machines. Both with .NET 3.5 and the VS 2008 VC++ SP1 redistributables A single exe which uses two signed DLLs, one in C++/CLI and one in C# The exe loads and runs fine on one machine. On the other, I get "Strong Name Validation Failed" on the C++ executable (HRESULT 0x8013141A) Any ideas? ...

Have anyone used GoDaddy's Code Signing Certificate with ClickOnce

According to the FAQ to GoDaddy they support SignTool from Microsoft, but mage.exe isn't mentioned. Mage.exe is used to sign the application, but I haven't been able to figure out if mage.exe uses SignTool. If anyone have used GoDaddy's code signing certificate for ClickOnce a short confirmation would have been appreciated. ...

How to add/trigger-exposure-of twiddle-down for Code Signing Identity field in Xcode?

In Xcode, in only one project (that is, all other projects work the way I expect), in the Target Info window, build tab, the Code Signing Identity field-title does not have the twiddle to expose the "Any iPhone OS Device" field. How do I add it or trigger its exposure? ...

How to validate a signed DLL has been signed by me?

I have created a self generated certificate to sign a DLL. When I load this DLL into my C++ application I am able to validate if the code signing certificate is valid or not by using the WinVerifyTrust api. But I am not able to find a way to detect that the DLL has been signed by one of my certificates. Even by using the CryptQueryObj...