Ask HN: Code signing open source Windows applications?
6 points by Rodeoclash on April 12, 2022 | 3 comments
I've spent a month building an open source application for Windows [1] mostly assuming that Windows worked as it did the last time I built a desktop app (circa 2003). Obviously, things have changed and we now live in a new world of Authenticode signed applications! Exciting!

In no particular order:

1. This seems extremely hostile to open source. I have to outlay ~90 AUD per year for the cheapest possible code signing? When I'm not making any money off my product??

2. It looks like there is some movement towards a service that will do code signing much in the same way Let's Encrypt offers free certificates, in the form of https://www.sigstore.dev/ - has anybody used this? Any other options available in the near future that might also solve this?

3. Finally, I'm about ready to give up and just eat the cost. Any suggestions on what provider to use? (I'm based in Australia)

[1] https://github.com/Rodeoclash/vodon-pro



I don't sign the build at all for Windows or Mac for DataStation [0]. I'm planning to sign the Mac build because it's cheap and not insane. Windows signing is expensive and insane.

[0] https://github.com/multiprocessio/datastation


The tack most free/FOSS apps take is to not sign the application and users just have to set their permissions for the app accordingly.

You can also charge for signed binaries to cover your costs.


sigstore would likely not be in the list of Microsoft's accepted certs.

Another option would be to publish straight to the Microsoft Store, which I believe is free.



