Infralution Support Forum Index Infralution Support
Support groups for Infralution products
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Signing the assembly

 
Post new topic   Reply to topic    Infralution Support Forum Index -> .NET Encryptor Support
View previous topic :: View next topic  
Author Message
Javier



Joined: 09 Oct 2009
Posts: 215

PostPosted: Wed Sep 09, 2015 8:33 pm    Post subject: Signing the assembly Reply with quote

I'm facing a problem: Norton's SONAR keeps interpreting that my bootstrapped application Steel.exe is harmful and it gets deleted. Some clients have reported the same issue when an update is installed. I have sent the file to Symantec and I'm waiting for their response, but I think that probably it has to do with the fact that the file is not digitally signed, so the developers are unknown.

I do have a code signing certificate that I use to sign the installer file, and it works fine. However the bootstrap (and all the assemblies in it) has a strong name as suggested in your Help. How can I sign my application with my code signing certificate, so that the developer company shows up in its properties?

Do you think that this could be the problem? Thank you.
Back to top
View user's profile Send private message
Infralution



Joined: 28 Feb 2005
Posts: 5027

PostPosted: Wed Sep 09, 2015 10:44 pm    Post subject: Reply with quote

Code signing can certainly help avoid false virus detections. You just sign the final (bootstrap) executable just like you would any other executable.
_________________
Infralution Support
Back to top
View user's profile Send private message Visit poster's website
Javier



Joined: 09 Oct 2009
Posts: 215

PostPosted: Wed Sep 09, 2015 11:36 pm    Post subject: Reply with quote

So, the strong name under the Signing tab of the bootstrap assembly doesn't have anything to do with signing the final executable? I'm confused. Thank you.
Back to top
View user's profile Send private message
Infralution



Joined: 28 Feb 2005
Posts: 5027

PostPosted: Thu Sep 10, 2015 12:01 am    Post subject: Reply with quote

This is a common source of confusion. Strong naming of assemblies has nothing to do with code signing. Strong name of assemblies just ensures that an assembly has not been tampered with since it was signed with a given strong name. It doesn't say anything about the credibility or identity of the person who strong named the assembly - anyone can generate a strong name and use it.

Code signing on the other hand requires that you get a certificate from a certificate authority and sets up a chain of trust. It tells customers that an executable was signed by you - and gives them a reason to trust that the executable is not malicious.
_________________
Infralution Support
Back to top
View user's profile Send private message Visit poster's website
Javier



Joined: 09 Oct 2009
Posts: 215

PostPosted: Thu Sep 10, 2015 12:03 pm    Post subject: Reply with quote

I understand now. Probably the confusion would disappear if the tab in VS said "Naming" instead of "Signing". Thank you.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Infralution Support Forum Index -> .NET Encryptor Support All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group