All,

Is your code-signing certificate due to expire? I would strongly suggest to
check this now! It is important you renew your certificate before the
expiry date. Once the certificate expired, you are unable to code-sign your
applications and/or installations!

Example: http://www.lindersoft.com/forums/showthread.php?t=22891

Please note that Comodo does not send renewal reminders!

To avoid having to resign software every time your certificate expires, use
the timestamping service. When you sign code, a hash of your code will be
sent to Certification authority to be timestamped. This means that you will
not need to worry about re-signing code when your Digital ID expires.
Microsoft Authenticode allows you to timestamp your signed code so that
signatures will not expire when your certificate does.

As a service to our customers, we have partnered with Comodo, Inc., a
leading WebTrust Compliant Certification Authority, to offer Comodo's range
of Code Signing Certificates and Public Key Infrastructure (PKI) based
Secure Sockets Layer (SSL) certificates to qualified Lindersoft customers.
If your Verisign or Thawte certificate is due to expire soon, Lindersoft
customers can switch to a 3-Year Comodo certificate for just $200 instead of
$500.

Do the math: a Verisign Code Signing Digital ID costs $499 for 1 year, $895
for 2 years and $1,295 for 3 years. A Thawte Code Signing Digital ID costs
$299 for 1 year and $549 for 2 years. A Go Daddy Code Signing Certificate
costs $199.99 for 1 year, $359.98 for 2 years and $509.97 for 3 years.

http://www.lindersoft.com/products_security_services.htm

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

SetupBuilder is Windows 7 installation -- "point. click. ship"

-- Official Comodo Code Signing and SSL Certificate Partner

BTW, if you would like to renew your code signing certificate, you can find
the login for the discounted Comodo ordering system in your SetupBuilder
subscription notifications. Scroll down a bit and there you'll find the
login details.

Friedrich

Hi Friedrich,

> BTW, if you would like to renew your code signing certificate, you can find
> the login for the discounted Comodo ordering system in your SetupBuilder
> subscription notifications. Scroll down a bit and there you'll find the
> login details.

I have another year, but I'm curious: You talk about "renewing" the
certificate. In my dealings with Comodo it was made very clear that there
is no renwal - it's a new application every time. Everything is re-verified
etc. etc. Has anything changed in that regards?

Best regards,

--
Arnór Baldvinsson - Icetips Alta LLC
Port Angeles, Washington
www.icetips.com - www.buildautomator.com - www.altawebworks.com
Icetips product subscriptions at http://www.icetips.com/subscribe.php

Arnór,

> I have another year, but I'm curious: You talk about "renewing" the
> certificate. In my dealings with Comodo it was made very clear that there
> is no renwal - it's a new application every time. Everything is
> re-verified etc. etc. Has anything changed in that regards?

You are right. "Renew" is the wrong term here. There is not really a
"renewal" process for code-signing certificates if you have purchased a
certificate in the past. You always have to request a new one and go thru
the entire process again.

But you can use your "old" login details to login to the Comodo ordering
system and place a new order using the same company information and Comodo
should speed up the validation process. Always quote your previous Comodo
order number in any correspondence with them.

Sorry for the confusion.

Friedrich

Hi Friedrich,

> You are right. "Renew" is the wrong term here. There is not really a
> "renewal" process for code-signing certificates if you have purchased a
> certificate in the past. You always have to request a new one and go thru
> the entire process again.

I go through daily rituals to prepare myself for August 2012<g>

Best regards,

--
Arnór Baldvinsson - Icetips Alta LLC
Port Angeles, Washington
www.icetips.com - www.buildautomator.com - www.altawebworks.com
Icetips product subscriptions at http://www.icetips.com/subscribe.php

If I may have the temerity to gently disagree... using the "old" login
seems a less than stellar idea.

After using the Lindersoft link this past June, I used my previously
registered email address (with which I had bought a $200 3-year certificate
the last time).

I was disappointed by the choices I was given.

jf

Yikes! That looks more expensive!

--
Russell B. Eggen
www.radfusion.com

Hi Friedrich,

> You are right. "Renew" is the wrong term here. There is not really a
> "renewal" process for code-signing certificates if you have purchased a
> certificate in the past. You always have to request a new one and go thru
> the entire process again.

I seem to recall that you had to do this process from an XP machine or their
thing would not be able to deliver the certificate files correctly - don't
remember the specifics, seem to recall that Jane had some problems with it.
If Jane has problems with this, I certainly don't have a chance!<g>

Is that still valid? I still use XP for most of my development so it's not
a big deal right now, but I'm getting a new machine with Win7 and wonder if
I have to hold on to my good old XP machine for dear life:)

Best regards,

--
Arnór Baldvinsson - Icetips Alta LLC
Port Angeles, Washington
www.icetips.com - www.buildautomator.com - www.altawebworks.com
Icetips product subscriptions at http://www.icetips.com/subscribe.php

> Hi Friedrich,
>
>> You are right. "Renew" is the wrong term here. There is not really a
>> "renewal" process for code-signing certificates if you have purchased a
>> certificate in the past. You always have to request a new one and go thru
>> the entire process again.
>
> I seem to recall that you had to do this process from an XP machine or their
> thing would not be able to deliver the certificate files correctly - don't
> remember the specifics, seem to recall that Jane had some problems with it.
> If Jane has problems with this, I certainly don't have a chance!<g>

Arnor,

Product Description - App Data UAC Safe, MFG - Encourager Software
Internet Link - http://profileexchanges.com/blog/?p=120

CHM version of this blog -

Help Topic -

Code Sign - Order Process > Code Sign - Order Process - B

XP and Internet Explorer - If you would prefer to receive your certificate
directly in the spc and pvk file format, and have access to the XP
operating system, then I would suggest, after you sign into your Comodo
account, be sure your settings are as illustrated. (screen shot attached
and in CHM help file)

Signtool.exe - Use a certificate in a PFX (P12) format.

Signcode.exe - Use a certificate in spc and pvk file format.

However, quite a few of us - don't need to work with code sign certificates
in spc and pvk format - we only need the PFX format (P12 format), AND use
the more modern tool - signtool.exe

In using a PFX file (AND password) (AND signtool.exe) in SetupBuilder, I
would suggest IT'S (PFX format) the preferred method.

SO, you order the code sign certificate using Windows 7 and Firefox OR IE -
the certificate is stored in the browser certificate manager and you export
it to PFX file.

I think someone may have ordered it recently, and received it in P12 format
(it's the same as PFX format) - so didn't even have to export from browser.

I ordered my last code sign certificate using the Lindersoft Order Process
in 2010 - and used an XP Virtual Machine to obtain the certificate in spc
and pvk file format - then used pvk2pfx.exe to convert it to PFX format -

BUT next time, I'll just use Windows 7 or Windows 8 and FF to order it in
PFX format!

Product Description - Comodo Code Signing Certificate, MFG - Comodo
Internet Link - http://www.lindersoft.com/order_codesigning.htm

> Is that still valid?

Well, the XP order process worked fine in 2010 for me, and I just tried the
beginning of the commodo order process in an XP virtual machine with IE,
and the screen shot was the same as the one attached.

Next time for me - W7 or W8 and FF.

David

--
From David Troxell - Product Scope 7.9 - Encourager Software
Product Description - App Data UAC Safe, MFG - Encourager Software
Internet Link - http://profileexchanges.com/blog/?p=120

Thanks! I've still have until May - WHEW!

--
Russell B. Eggen
www.radfusion.com

BTW - never saw the time stamping drop list in the code-sign function. When did
you slip that in there? ^.^

--
Russell B. Eggen
www.radfusion.com

> BTW - never saw the time stamping drop list in the code-sign function.
> When did you slip that in there? ^.^

I think it was in V7.0. IIRC, Jane requested it :)

Friedrich

Emily's imaginary friend again???

Jane Fleming

>
> Emily's imaginary friend again???
>

<G> :)

Friedrich

Thanks to you both. I can't believe that escaped my notice. I guess the time
stamping of the install through me off.

--
Russell B. Eggen
www.radfusion.com

WOW, you are so completely right! Something changed without notice and this
seems to be a permanent change.

I stand corrected. It seems you have to create a NEW ACCOUNT!!!!! now to
get your hands on the discounted Comodo certificates.

Thank you for the information, Jane!!!

Friedrich

BTW, can others confirm this? It might have something to do with accounts
that were created before the logins were used to order discounted
certificates through our site. Do you have to create a new account to order
a new certificate at the discounted price?

When I use my login then it changes from $200 to $500.85. But I have
already used this account in 2005 (two years before we partnered with
Comodo). So in this case it is expected.

If you previously ordered Comodo Code Signing Digital IDs direct from Comodo
(and not through the Lindersoft site), it is advised that you create a new
username and password when ordering via our site.

Friedrich

> BTW, can others confirm this? It might have something to do with accounts
> that were created before the logins were used to order discounted
> certificates through our site. Do you have to create a new account to order
> a new certificate at the discounted price?
>
> When I use my login then it changes from $200 to $500.85. But I have
> already used this account in 2005 (two years before we partnered with
> Comodo). So in this case it is expected.
>
> If you previously ordered Comodo Code Signing Digital IDs direct from Comodo
> (and not through the Lindersoft site), it is advised that you create a new
> username and password when ordering via our site.

Friedrich,

http://www.lindersoft.com/order_codesigning.htm

"NOTICE: If you previously ordered Comodo Code Signing Digital IDs direct
from Comodo, it is advised that you create a new username and password when
ordering via our site."

An Excellent reminder - right on the page you start the process! :-D

My experience - slightly different - in 2007, my company ordered our first
code sign certificate - THROUGH the Lindersoft Discount method - THEN, in
2010 - using THE same account username and password - ordered the next 3
year deal - and the discount displayed properly when logging into Comodo.

BUT, this is a great caution discussion - if you don't see the 3 years -
$200 discount - SLOW down - don't order until your company has sorted out
why! :-D

David

--
From David Troxell - Product Scope 7.9 - Encourager Software
Product Description - App Data UAC Safe, MFG - Encourager Software
Internet Link - http://profileexchanges.com/blog/?p=120

Friedrich,

This is probably a stupid question, but how do I find out when my
certificate expires?

Regards,
Abe

Right-click something you've code-signed and click Properties.
Click Digital Signatures.
Highlight your signature and click Details.
Click View Certificate.

Jane Fleming

Thanks. I just noticed mine expires on 11/11/2012. Exactly 1 year from
today.

Abe Jimenez

LUCKY!

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve

See image

Abe Jimenez

Hi Abe,

> This is probably a stupid question, but how do I find out when my
> certificate expires?

What you can do is to open the Properties of one of your code-signed files,
select the "Digital Signatures" tab, select your signature and press the
"Details" button. Then select "View Certificates" and there you'll find the
validity of the certificate. See attached screenshot.

Does this help?

Friedrich

Abe,

> This is probably a stupid question, but how do I find out when my
> certificate expires?

If you use a .SPC like I do you can open it in your cert manager. In
Win7 I just double click it and there it is.<g>

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Enhanced Reporting: http://CreativeReporting.com


Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Thanks Lee. I use a .PFX. But just out of curiosity, where is cert
manager?

Abe Jimenez

Abe,

> Thanks Lee. I use a .PFX. But just out of curiosity, where is cert
> manager?

It's an MMC snap-in, certmgr.msc

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Enhanced Reporting: http://CreativeReporting.com


Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Thanks

Abe Jimenez