I distribute my app with an exe from Aspell (included with Gary James'
JSpell) which is not yet code signed.

What problems, if any, might be caused by this situation in a Vista
deployment?

Thanks!

--
Lynn Howard
www.linkedsoftware.com

Lynn,

It "should" not cause a problem. I don't know how this .exe from Aspell is
used. If it displays an elevation dialog under Vista, the elevation dialog
is an orange box. This turns into a "friendly" blue dialog if the .exe is
code signed.

Friedrich

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

"point. click. ship" - that's SetupBuilder 6
Create Windows Vista ready installations in minutes

-- Official Comodo Code Signing and SSL Certificate Partner

Thank you!

Lynn Howard

> I distribute my app with an exe from Aspell (included with Gary James'
> JSpell) which is not yet code signed.

Lynn,

I've made this comment a long time ago (I think<g>), but why not just sign
it yourself (like any other EXE in the install) and be done with it?

After all YOU are distributing it with YOUR product as a "trusted" add-on,
so as far as the customer is concerned - YOU are on the hook if it causes
problems<vbg>.

To me it makes more sense to do that and not have any issues with it on
your Vista installs...

JAT...

;-)

Charles






--
-------------------------------------------------------------------------------------------------------
Charles Edmonds

www.clarionproseries.com - "Serious imaging tools for Clarion Developers"
www.ezround.com - "Round Corner HTML tables with matching Banners, Buttons
and Forms!"
www.lansrad.com - "Intelligent Solutions for Universal Problems"
www.fotokiss.com - "World's Best Auction Photo Editor"
-------------------------------------------------------------------------------------------------------

Thanks Charles.

Seems like a reasonable option but since I'm not familiar with all the code
signing rules I was exploring options. For example would the author have
some objection. Just wondering.

But I believe signed is better than not signed.

Lynn

Maybe a stupid question, but just to make sure:

SB6 can sign the installer - I still have to sign my exe(s) 'manually'. Is
that the correct interpretation?

Peter

Peter,

No :) SB6 can code-sign both your installer *and* the application files.
It can also embed a manifest into your application file(s) to make your
application Vista-aware.

Does this help?

Friedrich

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

"point. click. ship" - that's SetupBuilder 6
Create Windows Vista ready installations in minutes

-- Official Comodo Code Signing and SSL Certificate Partner

> Does this help?

Absolutely, that's good news! (although I may be the only one to think it's
new <g>)

Thank you!
Peter

<BG> :)

Friedrich

> SB6 can code-sign both your installer *and* the application files.
> It can also embed a manifest into your application file(s) to make your
> application Vista-aware.
Does it automatically code-sign the application files when
code-signing the installer, or is there a 2nd place I have to do
something to get my application files signed?

Does code-signing modify my application's .exe files?
---------------------------------------------------------------
Steve Rothkin
Developer, DJ Manager Software
www.djmgr.com

You need to invoke the "#code-sign application" compiler directive for each
file you want to sign.
Code-signing will change the app's file date and will add roughly 3K to the
file length.

Jane

Does this modify the original exe in my source directory or only the
one that gets put into the installer? If only in the installer, is
there a way I can get a copy of that to scan (so I can update the CRC
for it in the security file that goes into the installer)?

How important is it to sign the programs (as opposed to the
installer)?

Steve Rothkin

Steve,

If the "Permanent" option is not checked, it will *NOT* modify your original
..exe in your source directory. So your original file in your source folder
is not code-signed, the file in your installer is code-signed.

But your "CRC protection" is history with Microsoft Authenticode. If you
code-sign an application file, this will change its binary contents. So
your file CRC always changes if you code-sign.

Does this help?

Friedrich

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

"point. click. ship" - that's SetupBuilder 6
Create Windows Vista ready installations in minutes

-- Official Comodo Code Signing and SSL Certificate Partner

OK, so I can "permanently" sign the executable and then rerun my
program that calculates/stores the CRC (into an encrypted tps file)
before the files are compressed into the installer.

What are the advantages of code-signing my program? What are the
disadvantages of NOT code-signing my program (and only code-signing
the installer)?

Steve Rothkin

If you have a subscription to clarionmag.com, my current Vista-related
article shows the type of warning screen users get if your app has any
administrator-level requirements and isn't signed. Also, depending on your
target audience, an administrator may have set security so that unsigned
apps can't run at all.

The next article in the series (about Vista's "virtual reality") will
illustrate vividly some of the issues you can encounter if you don't use a
Vista-aware manifest (which SB can also do for you... or you can link in
yourself).

Jane

Great articles, Jane!

--
Russ Eggen
www.radfusion.com
IRC Info: www.radfusion.com/irc.htm
Freebies: www.radfusion.com/downloads.htm