Is your feature request related to a problem? Please describe.
Currently when I open the Ferdi installer (on windows 10), Windows complains that the application is not trusted and asks the user to make a choice.
Describe the solution you'd like
Can we code sign the application so that the app can be trusted by users?
Describe alternatives you've considered
@kytwb - If we can procure signing certificates, we can work on setting this up - https://www.electronjs.org/docs/tutorial/code-signing
mahadevans87
All 13 comments
@mahadevans87 The price vary quite a bit for the certificates, I am not sure if there is a difference. Should we just go for the cheapest we find?
Links from the Electron docs:
https://www.digicert.com/code-signing/microsoft-authenticode.htm
https://www.comodo.com/landing/ssl-certificate/authenticode-signature/
https://au.godaddy.com/web-security/code-signing-certificate
kytwb
on 23 Apr 2020
Yes. I think we can get the cheapest option. I see that Microsoft suggests a list of code signing options -
https://docs.microsoft.com/en-us/windows-hardware/drivers/dashboard/get-a-code-signing-certificate?redirectedfrom=MSDN
- Do we need to buy a separate cert for Mac & Linux?
mahadevans87
on 23 Apr 2020
@mahadevans87 We are already signing/notarizing for macOS (https://github.com/getferdi/ferdi/issues/35). I don't think that's necessary for Linux. Thanks for the additional link, I will take a closer look.
Let's take care of this for 5.5.0 stable (https://github.com/getferdi/ferdi/issues/536)?
kytwb
on 23 Apr 2020
I am not sure about the financial model of Ferdi and how much could be invested on code signing. I have heard about Comodo previously.
mahadevans87
on 23 Apr 2020
@mahadevans87 Ferdi is free and receive donations / financial contributions via Open Collective / GitHub Sponsors. We can then use those funds to reimburse Ferdi-related expenses (Apple Certificate + AWS bills so far). I will take a look at getting a certificate and will later fill an expense.
We also wanted to put a bounty on some issues to help fund Ferdi's development, so I'll fill my expense or at least get it reimbursed at a later stage after we receive more donations 馃檹 Like this we are not blocked for https://github.com/getferdi/ferdi/issues/592 and can start funding active development. What do you think @vantezzen?
kytwb
on 23 Apr 2020
I think you can fill your expense immediately and not postpone it. If we end up setting up IssueHunt for #592, other people can also directly contribute to the issues they want to see implemented - so it doesn't fully rely on our OpenCollective donations. Also, by that time we may have also gotten more donations that we can set up for bounty.
vantezzen
on 23 Apr 2020
Bought the signing certificate, but having some issues with Sectigo website; in touch with their technical support, a ticket has been opened. I will update again tomorrow.
PS: Sectigo <> Comodo are the same, Sectigo calling price of $166/y jumps to $179.95/y once in the cart.
kytwb
on 23 Apr 2020
Latest update:
I had to install a Windows VM as I was only able to request the certificate on Internet Explorer. I have posted some updates in https://github.com/getferdi/ferdi/issues/415.
kytwb
on 24 Apr 2020
Got the certificate! 馃帀 Added CSC_LINK and CSC_KEY_PASSWORD to AppVeyor as per https://www.electron.build/code-signing
kytwb
on 24 Apr 2020
Expense submitted as well https://opencollective.com/getferdi/expenses/16643 馃檹
kytwb
on 24 Apr 2020
that is excellent news.
mahadevans87
on 24 Apr 2020
Awesome !!
sampathBlam
on 24 Apr 2020
Related issues
sbienkow
路
3Comments
webworker01
路
3Comments
adithshenoy
路
3Comments
PeSader
路
3Comments
alegiglio
路
3Comments
Most helpful comment
Bought the signing certificate, but having some issues with Sectigo website; in touch with their technical support, a ticket has been opened. I will update again tomorrow.
PS: Sectigo <> Comodo are the same, Sectigo calling price of $166/y jumps to $179.95/y once in the cart.