1

I am currently developping a Windows 8 metro app. This app will not be available in the Martketplace but will be distributed by sideloading. For this it is necessary to sign the app with a certificate and import the same certificate on the client machine.

I never made such a certificate? How should I proceed? I also read the publisher name of the app should be the same as the publisher name in the certificate...

Who knows how to make such a certificate? A commercial certificate from for example Verisign is currently not an option.

Charlie
  • 521
  • 1
  • 4
  • 17

1 Answers1

1

If a commercial (payed for) certificate is not an option there are three other ways to get a certificate:

1) If your company has an own root certificate (trusted by a public Certificate Authority like VeriSign) you (or an admin) can derive a software signing certificate from that.

2) Your company could setup an own certificate server to issue own certificates. If the certificates are only used inside the company and the root certificate is trusted (imported in the certificate store for trusted root authorities) on all machines you could use a software signing certificate derived from the root certificate. See http://www.esecurityplanet.com/network-security/how-to-run-your-own-certificate-authority.html.

3) You could use a self signed test certificate that is not derived from a root certificate. Use makecert to create one (see How do I create a self-signed certificate for code signing on Windows?). When installing the App the user will be asked if he trusts this certificate that has no known publisher.

Community
  • 1
  • 1
Jürgen Bayer
  • 2,993
  • 3
  • 26
  • 51