Discuss Home · Bootstrapped Podcast · Scribbleton Personal Wiki · HelpSpot Customer Service Software

Code signing certificate recommendation


#1

Which code signing certificate do you use/recommend for signing desktop software?

All that I am looking for from the certificate is avoiding the warning message Windows would otherwise display while installing the software,

Thanks.


#2

I’ve been happy with KSign, seem one of the cheapest. Have renewed twice now with them.

http://codesigning.ksoftware.net/

They have their own desktop app that makes signing a breeze.


#3

Here I found the cheapest price: codesigncert[dot]com[slash]comodocodesigning . But I can’t recommend it since I haven’t used it.

I also remember reading online that retailers tend to give cheaper prices.

As per the tech behind code signing it doesn’t matter if you buy the certificate from authority 1 or authority 2. That is why I would go with the cheapest I can find.

If only Microsoft were like Apple and issued code signing certificates as a part of their developer program, the world would’ve been a better place.


#4

+1 for KSign. We use them as well.


#5

I use ksign. I recommend buying a certificate with the maximum possible duration, as it can be a real pain each time to acquire, no matter who the provider is.


#6

Another vote for KSoftware. As @SteveMcLeod says, get a longer duration one to reduce the hassle of yearly renewals.


#7

Another vote for both KSign. Btw. they’re Comodo reseller, so Comodo is doing verification part and delivers certificate. I also recommend purchasing max available duration. However, if money is tight, renewal process is a bit less demanding than first purchase. At least in my case they found company record in some DUNS database, and all that I had to is answer some automatic call.


#8

I’ll go against the grain and say you should shell out the extra cash an buy an EV code-signing cert/dongle. Yes, it will cost more in the short term but you have the added benefit of automatically being trusted by Microsoft’s smart screen.

We use Digicert’s EV cert and we’re happy with it: https://www.digicert.com/code-signing/ev-code-signing/

More information about that here:

If being trusted by smart screen isn’t important to you, then yeah, go with whatever is cheapest.


#9

Re: EV vs OV.

Wyatt is for EV, and it makes sense… but also costs a lot more. For a software with no revenue yet the difference is important.

Folks, in your experience - how quickly OV is getting trusted by Smart Screen?