"signature is corrupt or invalid" downloading from IE

Question

I got a Certum certificate to sign my C# application. Everything seems to be ok and I can execute the application and also see the valid certificate on it.

But, if I upload it to my webpage (publishing with Visual Studio or also uploading the EXE) I can't download it with Internet Explorer on Windows7. I get always this message: "Signature is corrupt or invalid". But once it is on the PC it seems to be valid. I know, there was a bug on IE in the year 2013 but it should be solved.

On Windows 10, Smartscreen also blocks this exe and I can't download it. I paid this certificate to show that my app is secure and now I got more problems than before :(

I don't know if I can insert the link to my application here.

Edit: I found this document from Microsoft: http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx - Seems that Microsoft with IE (but also Google with Chrome) doesn't allow to download SHA-1 signed applications anymore since 1. january because it is not secure enough.

Answer 1

OK, now I can say: THERE IS NO SOLUTION!

At least not for the moment (January 2016).

1. All new certificates must have a SHA-2 hash on Windows7/8 and Windows 10
2. Certum doesn't have SHA-2 certificates for the OpenSource option Since february also the OpenSource certificate from Certum has SHA-2 hash possibility!

So, if you want create an application for WindowsXP, you can use the Open Source Sign from Certum. If you want sign your application for a new OS, you will only loose your money if you buy a Certum OpenSource certificate!

Answer 2

I had to remove KB3124263 (had installed on the 14th for me) to return functionality :-(