PDA

View Full Version : Check your Code-Signing Certificate Expiry Date!



linder
03-25-2010, 05:25 AM
All,

Is your code-signing certificate due to expire? I would strongly suggest to
check this now! It is important you renew your certificate before the
expiry date. Once the certificate expired, you are unable to code-sign your
applications and/or installations!

Example: http://www.lindersoft.com/forums/showthread.php?t=22891

Please note that Comodo does not send renewal reminders!

To avoid having to resign software every time your certificate expires, use
the timestamping service. When you sign code, a hash of your code will be
sent to Certification authority to be timestamped. This means that you will
not need to worry about re-signing code when your Digital ID expires.
Microsoft Authenticode allows you to timestamp your signed code so that
signatures will not expire when your certificate does.

As a service to our customers, we have partnered with Comodo, Inc., a
leading WebTrust Compliant Certification Authority, to offer Comodo's range
of Code Signing Certificates and Public Key Infrastructure (PKI) based
Secure Sockets Layer (SSL) certificates to qualified Lindersoft customers.
If your Verisign or Thawte certificate is due to expire soon, Lindersoft
customers can switch to a 3-Year Comodo certificate for just $200 instead of
$500.

Do the math: a Verisign Code Signing Digital ID costs $499 for 1 year, $895
for 2 years and $1,295 for 3 years. A Thawte Code Signing Digital ID costs
$299 for 1 year and $549 for 2 years. A Go Daddy Code Signing Certificate
costs $199.99 for 1 year, $359.98 for 2 years and $509.97 for 3 years.

http://www.lindersoft.com/products_security_services.htm

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

SetupBuilder is Windows 7 installation -- "point. click. ship"

-- Official Comodo Code Signing and SSL Certificate Partner

torrid
12-31-2020, 02:24 PM
Is there a way to get the password for the signing?
I had it in a database on a local computer that has crashed and I have not been able to recover the computer.
The database is in a backup but it's inside a db file that I have not been able to open.

In other words... I don't know the password and have no access to it but need to sign the EXE file.

Alternatively, is there a way to sign the EXE in Windows using setup builder and not just the installer.
I was using a .bat file to sign the EXE file and THEN that is what is added to the installer which is then signed.

linder
01-02-2021, 02:50 PM
Hello,

if you store the password in the .sbp project(s), please send us the file and we can recover the password. If you store it in your IDE (for global signing), please send your sb10.lic.

Just send it to support [at] lindersoft [dot] com

Friedrich

torrid
01-02-2021, 04:38 PM
Friedrich,
Thank you for the offer. Glad to know.

It was an emergency situation where I had to do a release yesterday to fix a bug so I called Sectigo support.

Basically if anyone has this situation, you just go back to the browser that you used to download the certificate (or perhaps login to your Sectigo account and download it again).
Then just re-export it. I thought the password was related to the certificate but it is only used to protect it once exported.
So when exporting it again, you can set a new password. I did that and exported to a new file with new password and VOILA could sign my code again.

I still wonder if there is a way to sign the program EXE file from SetupBuilder rather than having to do it in the BAT file before compiling the installer in SB.