Share via

Signing WPF application for distribution

Wally96333 66 Reputation points
2023-12-10T17:30:12.3666667+00:00

PLEASE Ignore this question and refer to my previous question

https://learn.microsoft.com/en-us/answers/questions/1460328/signing-wpf-application-for-distribution

===================================================

I have developed a WPF application that I intend to sell online.

I understand that I need a certificate to sign the binary files (DLL & EXE).

I have never done this before, so I could use some advice.

From what I can determine, there are a number of different kinds of certificates, and they can cost anywhere from $200 to $1000.

https://signmycode.com/buy-code-signing-certificates

I am aware of the free certificates from "Let's Encrypt", but, from what I understand, they do not work for WPF.

https://letsencrypt.org/docs/client-options/

Can someone point me in the right direction for getting a certificate and signing my binaries?

Any assistance with this would be appreciated.

Thanks.

Windows Presentation Foundation
Windows Presentation Foundation
A part of the .NET Framework that provides a unified programming model for building line-of-business desktop applications on Windows.
2,768 questions
Visual Studio
Visual Studio
A family of Microsoft suites of integrated development tools for building applications for Windows, the web and mobile devices.
5,095 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,901 questions
Accepted answer
  1. Hui Liu-MSFT 48,531 Reputation points Microsoft Vendor
    2023-12-11T09:53:17.52+00:00

    Hi,@Wally96333 . Welcome to Microsoft Q&A Forum.

    To sign your WPF application for distribution, you'll need a code signing certificate. Here are the steps to obtain a code signing certificate and sign your binaries:

    1.Obtain a Code Signing Certificate:

    You have a few options for obtaining a code signing certificate:

    Purchase from a Commercial Certificate Authority (CA):

    There are several well-known CAs that issue code signing certificates. Examples include DigiCert, Sectigo, GlobalSign, and others.

    Visit the website of a CA, navigate to their SSL/TLS certificates section, and look for code signing certificates.

    Use a Certificate from a Trusted CA:

    Some development tools come with a test certificate that is automatically trusted by most systems. However, these certificates are not suitable for distributing commercial software.

    2.Generate or Acquire the Certificate:

    After obtaining a code signing certificate, you may need to generate a key pair (private key and public key). The process can vary depending on the CA and the tool you are using. Typically, the CA provides instructions for obtaining and installing the certificate.

    3.Sign Your WPF Application:

    Once you have the code signing certificate, you could use a tool like signtool (included in the Windows SDK) to sign your WPF application. Open a command prompt and use a command similar to the following:

    4.Timestamping:

    Including a timestamp (/t) is recommended as it ensures that the signature remains valid even after the certificate expires. It's especially important for long-term software distribution.

    5.Distribute Your Application:

    After signing your binaries, you could distribute your WPF application. Users will see that your application is signed, which can help establish trust and prevent warning messages during installation.

    Please refer to the documentation of the CA you choose for specific instructions on obtaining and using a code signing certificate. Additionally, check the documentation for the signtool utility for detailed information about its usage.

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Monika Mac 85 Reputation points
    2023-12-11T12:29:47.81+00:00

    For code signing your binaries in WPF application, if you are using Clickonce in visual Studio, then EV code signing certificate is highly suitable for same otherwise, a standard (OV) code signing cert you can use .

    Also, please note that if you need only a PFX file to sign the application in Visual Studio, it is not possible. Because, you will need to place an order with token and shipping. From the USB token, the PFX file (certificate and private key) cannot be extracted.

    You can get an affordable EV code signing certificate SignMyCode, starting at $269.99/yr and and standard code signing certificates at just $199.99/year!

    You can buy your relevant Code signing certificate and proceed to sign your WPF application! https://signmycode.com/buy-code-signing-certificates For any query you can contact the 24/7 support team!

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.