Skip to content
This repository has been archived by the owner on Jan 5, 2021. It is now read-only.

Sign Windows Binaries #157

Open
Varunram opened this issue Feb 11, 2018 · 12 comments
Open

Sign Windows Binaries #157

Varunram opened this issue Feb 11, 2018 · 12 comments

Comments

@Varunram
Copy link
Contributor

See #126 (comment)
@cryptofuture
Copy link
Contributor

I hardly doubt is worth the effort, since we have sha256sums anyway.

Though is possible under Linux: https://stackoverflow.com/a/29073957
I could try if someone would provide me with the right certificate for exe file.

@Varunram
Copy link
Contributor Author

Yeah, I mean, not really that much of a "want-to" at the moment, more like a "would be nice to have" kind of thing.

@XhmikosR
Copy link
Contributor

It's doable; it all depends how much money (since the certs aren't free, but you could get a cheap one) and time one wants to spend on this.

@Varunram
Copy link
Contributor Author

@XhmikosR yeah, apparently there are some firewall issues on Windows which might be resolved with signing, have to take a look at this once the issue with the forum is resolved. (btw, sorry for what happened at the other thread!)

@Varunram Varunram mentioned this issue May 6, 2018
Closed
@crypto4techs
Copy link

Thanks for linking this to the issue I posted about VirusTotal false positive and code signing. For the security conscious like me, 0 hits in Virus total and code signing are musts. I can't risk the integrity of my wallet computer to a virus or malicious code. I was initially interested in Musicoin but have stayed away until the wallet scans clean and the code is signed.

@etaletai13
Copy link
Contributor

@crypto4techs Do you have the abilities to accomplish this one yourself? If so, please do!! If not, let me know and I'll take it.

@Varunram
Copy link
Contributor Author

@etaletai13 cool, but I don't think the primary reason for this is people not appreciating virus signs, but that people don't like to work with Windows-ish stuff in general. All the best!

@Musicoin Musicoin deleted a comment from XhmikosR Jul 7, 2018
@Musicoin Musicoin deleted a comment from etaletai13 Jul 7, 2018
@pnomolos
Copy link

I'm willing to help with this if there's a certificate I can sign with. I've got a couple Windows boxes available to verify on.

@etaletai13
Copy link
Contributor

@pnomolos Because we're moving to Electron, we can include package signing with an argument. Currently the only holdup for Windows is a cert, and for Mac is a developer account for the organization; which is simple too. Linux is straight-foreward.

Basically this problem isn't a true problem, but a thing that will be completed when we have the first Electron release, and then easily done for the legacy version (if we are keeping that around)

@pnomolos
Copy link

@etaletai13 OK! Well if you need any help from someone with a Windows box (or three) to run/build some stuff, just let me know :)

@etaletai13
Copy link
Contributor

@pnomolos Certainly! Also that reminds me that we'll need something in 'yarn commit' that will clean up files edited in Windows. It adds something to utf-8 files that will break on every other system.

@etaletai13
Copy link
Contributor

Electron-packager can sign the releases for all OS's. Seems the way to do. I've been experimenting with simpler apps for a little bit.

@Varunram Varunram mentioned this issue Dec 5, 2018
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@pnomolos @XhmikosR @cryptofuture @Varunram @etaletai13 @crypto4techs