Code Signing Hell.
|
From: Marc on 9 Nov 2009 02:51 Hi Gary, You missed one. Thawte. Their customer service stinks (particularly if anything goes wrong when enrolling with them), but for $299 USD a year you can sign as many files as you want *IF* you are running XP. If you're running Vista or, errrm, 7, then you are stuck with Microsoft's ridiculous money-making pay-per-signing Bill-Gates-retirement fund. We developer PocketPC/Desktop applications in XP, sign them in XP, and then test & deploy them to Vista/7 environments. Hope this helps, Marc "Gary Crean" wrote: > After a long day yesterday playing telephone tennis with VeriSign / Geotrust. > I found another signing provider that can sign Microsoft Windows Mobile Code. > (So They Say). > > £399 later. It doesn't. I seems the only provider that can sign code for > Window Mobile is Verisign / Geotrust. > > FYI. Same company. > > My comment is. > > 1. No-body else does it. (Seems many company's have been court by this) > > 2. Come on Microsoft. What the hell is going on. 1 Provider for code signing > and $5 to sign the code each time is > punishment. Doesn't fit into a nightly build process and no wonder people > are moving to IPhone and Android. > >
From: Christopher Fairbairn [MVP] on 15 Nov 2009 18:05 Hi Gary, "Gary Crean" <GaryCrean(a)discussions.microsoft.com> wrote in message news:F0AC4D7A-F2F4-4CD4-B324-85C8C806E3D8(a)microsoft.com... > After a long day yesterday playing telephone tennis with VeriSign / > Geotrust. > I found another signing provider that can sign Microsoft Windows Mobile > Code. > (So They Say). VeriSign have been the sole providers of Mobile2Market code signing accounts for a number of years. It's important to differentiate between generic Authenticode signing certificates (where there are numerious providers), and the ones accepted by Windows Mobile devices out of the box. If talking to another provider ask them explictly if they support Mobile2Market (http://msdn.microsoft.com/en-us/windowsmobile/dd569931.aspx), as that may clarify what they think your asking for. > 2. Come on Microsoft. What the hell is going on. 1 Provider for code > signing > and $5 to sign the code each time is punishment. I equally have always wondered (for unpriviledged certificates atleast) why Windows Mobile certificates are "accounts" with fixed numbers of signing events, vs desktop Authenticode certificates which are timeframe based and can be signed locally. It has however improved over the years. I still remember a time when a code signing "event" was considered a individual dll, exe or cab file rather than one "event" per CAB, no matter how many executable files it contains (http://blogs.msdn.com/hegenderfer/archive/2007/05/19/mobile2market-updates-for-signing-and-certification.aspx). That truely did start adding up quickly if your application was rather modularised, not to mention a pain in the neck, especially when there was no tooling support. It may not fit your required use case, but have you considered the Windows Marketplace for Mobile as an alternative? It has an alternative set of fees and constraints etc, but may suit some applications better than Mobile2Market these days. Details can be found at http://developer.windowsphone.com/Default.aspx Hope this helps, Christopher Fairbairn
First
|
Prev
|
Pages: 1 2 Prev: Bad synchronisation and logical delete in Pim.vol Next: GPS and finding |