Discuss Home · Bootstrapped Podcast · Scribbleton Personal Wiki · HelpSpot Customer Service Software · Thermostat NPS

Is Comodo certificate still trusted on WIndows to sign software?


#1

I am planning to renew my Comodo certificate, is Comodo still trusted on Windows?


#2

Yes. You need to ensure that you’re signing your app with SHA256 certificates, however. SHA1 signed apps are no longer shown as “signed” in modern versions of Windows. This also means you need to use an up-to-date signing utility (i.e. an up-to-date Visual Studio installation).


#3

Yes. I use a Comodo authenticode certificate for Windows software. But as @wyattoday says, you need to be mindful of SHA2. I wrote an article about what to do here:


#4

To answer a question on your blog page, no you can’t dual-sign MSIs, they can only be signed once. I tried. Also, Ksign won’t sign MSIs but Mitchell tells me there is a new version on the way that will.

I followed this tutorial for dual signing: http://certhelp.ksoftware.net/support/solutions/articles/217399-how-do-i-dual-sign-a-file-

That knowledge base is a good reference.

I also use a Comodo cart and it is fine.