Free code signing service?

Draygoes

Fully Optimized
Messages
1,655
Location
United States
Hi all.
Many years ago, I was able to find a code signing service that created a digital cert to use on executables, but I am no longer able to locate it.

At this point, I just want it so that it will be more simple for people to trust my apps. (Also, it looks good. :angel:)

Does anyone know of somthing like that which I can use for non-profit projects? Somthing that is trusted?

Thank you all for your time.


Actually, I wish to be very clear. I just need a free service that will work with this interface:


Is it possible to find somthing to generate what I need for free? Google has been of no help.
 
Last edited:

Draygoes

Fully Optimized
Messages
1,655
Location
United States
Sorry to bump, but I just wanted to let you guys know that the only service that I have found so far appears to be a scam...
 

root

Site Team
Staff member
Messages
8,181
Location
UK
there are a couple of things that you can do.

1, self sign.
yeah that's the budget option, and requires you to say to people that they need to install your public key from your CA, but it's immediately free and ready to go after a couple of minutes installing openSSL

2, buy a cert.

I can't think that there would be many companies out there invested in a cert (that costs $200 a year) that will sign code (that is to say put their name on it to say it's 100% trustworthy, without having done an audit of said code.

realistically, if you find a free service that will sign your code, then it's likely that sooner or later someone will release malware code using that cert, and pretty soon the CA will revoke that cert and apps signed by them are not trustworthy...


You may find some cheap services:
https://en.sklep.unizeto.pl/data-safety/code-signing-certificates/open-source-code-signing.html

they offer certs for open source projects for 14 bucks. (they did used to be free) there is some noise online that the tradeoff is that they append the CN Open source developer - "your name"

but then they offer reduced costs to promote open source.


I don't subscribe to the model that because you have a bunch of cash your software is somehow better than any other persons...
 

Draygoes

Fully Optimized
Messages
1,655
Location
United States
there are a couple of things that you can do.

1, self sign.
yeah that's the budget option, and requires you to say to people that they need to install your public key from your CA, but it's immediately free and ready to go after a couple of minutes installing openSSL

2, buy a cert.

I can't think that there would be many companies out there invested in a cert (that costs $200 a year) that will sign code (that is to say put their name on it to say it's 100% trustworthy, without having done an audit of said code.

realistically, if you find a free service that will sign your code, then it's likely that sooner or later someone will release malware code using that cert, and pretty soon the CA will revoke that cert and apps signed by them are not trustworthy...


You may find some cheap services:
https://en.sklep.unizeto.pl/data-safety/code-signing-certificates/open-source-code-signing.html

they offer certs for open source projects for 14 bucks. (they did used to be free) there is some noise online that the tradeoff is that they append the CN Open source developer - "your name"

but then they offer reduced costs to promote open source.


I don't subscribe to the model that because you have a bunch of cash your software is somehow better than any other persons...

It is mostly for looks and trust. But you are right, and thank you for your response. I guess that I must leave my code unsigned for now. I just wanted to see if there was an answer to be able to compete with what I used to use.
Thank you for your response.
 
Top