Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to be a verified publisher?

Tags:

verify

publisher

I wrote an app and I want to sell it online, so I uploaded it to my website and tried to download and run it as a test, but a window appeared, it said : "The publisher could not be verified. Are you sure you want to run this software ?", and it also said : "Publisher : Unknown Publisher". It's actually a self-signed Java jar file wrapped into an exe file, I self-signed it with Netbeans6.7.

I wonder what should I do to be a "known" publisher ?

Frank

like image 268
Frank Avatar asked Apr 18 '10 02:04

Frank

People also ask

What is a verified publisher?

Publisher verification gives app users and organization admins information about the authenticity of a developer who publishes an app that integrates with the Microsoft identity platform. An app that's publisher verified means that the app's publisher has verified their identity with Microsoft.

Can you trust verified publisher?

Verified Publisher status only means that whomever developed the software took the time and money required to acquire a code signing certificate that identifies them, using a verification process that insures they are whomever they claim to be.

What is a publisher domain?

An app's publisher domain informs users where their information is being sent. The publisher domain also acts as an input or prerequisite for publisher verification. In an app's consent prompt, either the publisher domain or the publisher verification status appears.

2 Answers

You'll need to sign the EXE with a code signing certificate from a trusted root certification authority.

http://www.thawte.com/code-signing/

https://www.verisign.com/code-signing/

You'll find more CAs with a simple Google search.

Keep in mind, even though this is a Java JAR, the dialog you're seeing is from Windows complaining about the EXE being unsigned. You'll need a MS Authenticode signing certificate to sign the EXE. I'm not too familiar with Java, so you may or may not need a certificate to sign the JAR as well. (Note a self-signed certificate will never be recognized as fully Trusted and Valid on any computer other than your own.)

like image 69
josh3736 Avatar answered Sep 19 '22 13:09

josh3736

You need to sign it with an approved signing certificate an example is at http://codesigning.ksoftware.net

like image 45
Romain Hippeau Avatar answered Sep 19 '22 13:09

Romain Hippeau
Sign in to Comment

Related questions

mockito verify method call inside method
Verify domain ownership
Using mockito.verify to ignore one of the parameters
mockito how to verify using methodname and reflection
Google app script verify
Not hacking CurlException: 60 (cURL SSL Certificate Verification)
What does Firebase server side verifyIdToken() do under the hood?
Moq Verify without It - what kind of compare?
Verifying generic method called using Moq
Guidelines for using Assert versus Verify
PHP verify PayPal Donation
Verifying a signature with a public key
Verify database changes (version-control)
Can you verify a property setter using mockk?
Is VERIFY(...) a good practice in C++ coding?
Passport Facebook Verify Callback not Called
Sign In with Apple: verify my domain not working
I get "Certificate Verify Failed" on installing Bundler for Ruby on Rails, on Windows 7. Ruby 1.9.3
Python client - SSL lib - certificate verify failed
What does the Maven verify command do?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!