During the build process, use EV Code Signing to give instant validation to the Publisher status of the executable. This is not actually a bug, nor is it an actual security issue with the app. It happens because I did not spend the money to sign the executable with an official authority certificate, so it gets build as an unknown publisher.
COST: $300 - $600 ( depending on issuer )
Acceptance Criteria:
Installing the Weather Bar App on Windows Machine should not throw an error stating the app is insecure. We will not need to release a new App Version for this, just rebuild and sign the Windows executable and replace the current latest versions file. This is because those that have already downloaded previous versions will have already chosen what to do with the installer. Once it's fixed, they can just re-download the app if they chose to not install the app without the code signing.
Known Limitations:
Currently this requires up-to-date DUNS contact info and mine was ten years old. The DUNS update takes a max of 21 days to complete, and it was started today ( date of ticket ). Once the DUNS is updated with my latest contact info, I can register for an EV Code Signing Certificate, which will take another 7-10 days to complete. Then they will send a physical USB device that I can use to code sign the application and update the current release.
Overview:
During the build process, use EV Code Signing to give instant validation to the Publisher status of the executable. This is not actually a bug, nor is it an actual security issue with the app. It happens because I did not spend the money to sign the executable with an official authority certificate, so it gets build as an unknown publisher.
COST: $300 - $600 ( depending on issuer )
Acceptance Criteria:
Installing the Weather Bar App on Windows Machine should not throw an error stating the app is insecure. We will not need to release a new App Version for this, just rebuild and sign the Windows executable and replace the current latest versions file. This is because those that have already downloaded previous versions will have already chosen what to do with the installer. Once it's fixed, they can just re-download the app if they chose to not install the app without the code signing.
Known Limitations:
Currently this requires up-to-date DUNS contact info and mine was ten years old. The DUNS update takes a max of 21 days to complete, and it was started today ( date of ticket ). Once the DUNS is updated with my latest contact info, I can register for an EV Code Signing Certificate, which will take another 7-10 days to complete. Then they will send a physical USB device that I can use to code sign the application and update the current release.
Relevant Documentation ( optional )