Change publisher name when deploying application - visual-studio

How do I change the Publisher field form Unknown to something else.
(I'm using Visual Studio and using Setup Project as my installer)
Example below

You need to digitally sign the package with a code signing certificate acquired from a certified vendor (Thawtee, VeriSign, etc...). You cannot use a self-generated certificate.
Windows OS automatically uses the company name you specified when building the setup package, but only if the package is digitally signed.

Related

Packaging code sign certificate - windows UWP app - not distributed through Microsoft store

Need help on how to package code sign certificate with webapp developed in visual studio.
The application setup/installer will be available for download on public website, so we plan to code sign it so it is smoothly installed on client PC.
(1)
how to package code sign certificate
where to get code sign
certificate at reasonable rate
current focus is windows
platform, in future, we need to prepare installer for other
platforms too (Apple, Linux ... )
You can check comodo code signing certificate

Do I need OV or EV code signing certificate when packaging a classic desktop application for the Windows Store?

I want to add a desktop (WPF) application to the Windows Store using the Desktop Bridge (MakePri, MakeAppx). I have tested my build process using a self-sign certificate and all is well.
However, I cannot find any information stating whether I need an Extended Validation (EV) certificate or if an Organization validated (OV) certificate is sufficient. I know an OV certificate can cause SmartScreen warnings for installer .msi packages.
I also found old links (relating to Windows 8 apps) which say that the store does not use SmartScreen. But I cannot find anything relating to Windows 10 desktop apps packaged via the Desktop Bridge.
Will an OV certificate cause SmartScreen warnings when my converted application is downloaded from the store?
You don't need to use a valid certificate to publish your app to the Store. You just need to sign it with a test certificate. When you upload it to dev. center, it will be signed by Microsoft to be distributed through the Store.
I couldn't find a documentation that clarifies this, just saying it by my own experience. There are some notes here:
To test your app in a realistic setting as you prepare for
distribution, it's best to sign your app and then install it.
Visual Studio signs your app by using a test certificate. You'll find
that certificate in the output folder that the Create App Packages
wizard generates. The certificate file has the .cer extension and
you'll have to install that certificate into the Trusted Root
Certification Authorities store on the PC that you want to test your
app on.
Also if you use the new update of Visual Studio, you can create Desktop Bridge apps and publish them to the Store entirely through Visual Studio using the Windows Application Package project. It means you don't need to manually pack and sign it, VS does it for you.
Edit
Your users do not see an Smart Screen anyways. It makes sense since your app cannot run with administrator privileges. If your app needs a functionality that requires admin privileges, you need to consider it before moving forward.

Difference between package signing and code signing

Using VS2013 and Windows 8.1
I have a .cer and .pfx file bought from Verisign. I am new to store apps. I have couple of questions
What is the difference between signing the package and code signing (done using the VS 2013 packaging tab of Package.appxmanifest) -
my understanding so far
(a) I guess this is similar to using signtool.exe tool right?
(b) both will install the public key(.cer) to certificate store(mmc) and sign the appx with private key(.pfx) so i would need to manually install .cer file in the live machines inorder to install my app?
(c) Code is signing is done in order to ensure the code has not been tampered with but do we need to do this for all main store app and other components used part of dfferent project (.dll)
Do we need both package and code signing inorder to publish store apps on client machine?
I can't use the same .pfx used for package signing for code signing because of some chaining information. Is this how it is supposed to used different .pfx for both is this a normal way?
For the regular Windows Store apps:
You don't need to sign windows store apps manually.
No. Windows Store will sign the package automatically.
Code signing is for Windows Classic apps or drivers and not for Windows Store apps.
For the sideloaded apps:
Windows store enterprise apps can be signed by any certification authority that is trusted on your PCs (where the app will be installed). It's better to sign with visual studio. There is documantation for an exact procedure.
If you will sign with Verisign certificate, you don't need to install anything except the app, because verisign root is already trusted in Windows. Visual studio signs only application package.

Signing my solution with a digital certificate

I have an application developed with Visual Studio 2008 and distributed throught ClickOnce. This application is created especially for one client. The network administrator of this company allows me to install this application only with signed executable with a digital certificate. A policy rule will check for the signed certificate on my executable and block otherwise.
My question: do I need to have both setup.exe (ClickOnce) and mysoft.exe (the application installed by this ClickOnce package) signed with a digital certificate?
Thanks.
Yes, you would need to sign both files, but this is not a problem at all - just another line in the building script.
Note, that you would also need to timestamp the signature. Timestamp server address is specified as a parameter in signtool.exe call. The issuer of the code signing certificate (CA) should provide the address of its timestamping server, but not all CAs have timestamping servers. In any case you can use timestamping servers of large CAs such as Verisign, Comodo or GlobalSign.
Good article how to configure VisualStudio to sign app before ClickOnce publishing: http://www.systenics.com/blog/sign-click-once-applications-with-godaddy-code-signing-certificate-and-visual-studio-2012-for-deployment-over-internet/
Firstly, the setup.exe bootstrap file generated by Visual Studio needs to be signed, then the application and deployment manifests need to be signed and finally the application executable needs to be digitally signed.

signing assemblies on windows mobile device

HI
I have created an application for my windows mobile 6.0 device and I need to sign it so that the user can download updates without having to select that they trust the publisher
I'm not entirely sure what I'm doing here but I created the following files on the command line
.pfx using pvk2pfx
.spc using cert2spc
.cer using makecert
.pvk using makecert
and signed all the dll's and exe in my application using signtool sign
I then copied the certificates to my mobile device clicked on them and installed them
then copied my signed assemblies to the device but when I run the application I'm still being asked if I wish to run the application from an unknown and untrusted publisher
if anybody has any suggestions on how to get this working I'd be very grateful
Thanks
colm
Take the certificate that you've signed the application with and place it in the trusted store on the device.
Assuming you're using Visual Studio you can run the Device Security Manager, which will allow you to easily install the certificate on the device.
Note that you only need to place the .cer file, not the entire .pfx on the device.

Resources