Prepare signed windows binaries

Question

Prepare signed windows binaries

Closed this issue 4 months ago · 5 comments

teon commented 7 months ago

Our CI/build is prepared for signing, but we need to modify Windows build workflow to:

Sign the MSI produced (wireguard included and bundled was already signed)
After exe is generated with defguard MSI (signed) and wireguard (signed) - we need to sign the EXE
And release this signed exe

Answer 1 · 2024-08-07T11:08:57.000Z

The current 0.4.0 windows client is not signed. Will you fix that?

Answer 2 · 2024-08-07T14:33:31.000Z

@0rbiter it is signed. Can you showcase on a screen what you mean?

Answer 3 · 2024-08-08T07:36:03.000Z

It's the "windows protected you from running this software" SmartScreen warning. I might have mistaken this for signing a driver, it's just the Microsoft SmartScreen filter.
Apparently this can be prevented by submitting the application to Microsoft for malware analysis? EV or standard code signing certificates etc.
It's really irritating to users when rolling out that they receive this message and makes them question the security of the software.

Answer 4 · 2024-08-08T09:08:06.000Z

We did that the day we released the version. Microsoft….

Answer 5 · 2024-08-12T11:42:43.000Z

Seems to work fine now, probably just took a few days for the update to come through