Unable to build a trusted package

This forum can be browsed by the general public. Posting is limited to current SAPIEN license holders with active maintenance and does not offer a response time guarantee.
Forum rules
DO NOT POST LICENSE NUMBERS, ACTIVATION KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 5 years and 2 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
User avatar
166506
Posts: 3
Last visit: Sun Mar 03, 2019 4:37 am

Unable to build a trusted package

Post by 166506 »

Product, version and build: Powershell Studio 2017 version 5.4.145
Operating system: Windows 10 Ent. 1803 64x

I am unable to build a "trusted" package for Windows 10. I use a wildcard cert to sign the package, the cert has been installed locally on the machine where I build the package.
Running the package on a different Windows 10 machine results in an error that the application is not trusted and the only option that you have is "don't run this application"
Any ideas what goes wrong?
Image
Image

Build looks ok:
Image
User avatar
Alexander Riedel
Posts: 8478
Last visit: Tue Mar 26, 2024 8:52 am
Answers: 19
Been upvoted: 37 times

Re: Unable to build a trusted package

Post by Alexander Riedel »

Your digital signature is not trusted on that other machine. Simple as that.
Don't know where your certificate came from, but if the issuing authority is not trusted on the executing machine it is a no go.
You can right click on your executable on the other machine and examine the signature verification path in the file's properties to see what is not trusted.
It can be that the root authority is not one that is trusted by default in Windows and needs to be installed.
It can also be that your signature was only meant for local use and is not a general code signing signature, we would not know.
At any rate, that is not a PowerShell Studio issue. I recommend reading up on how digital signatures work.
This might help to figure out what's wrong.
https://www.sslsupportdesk.com/how-to-v ... n-windows/
Alexander Riedel
SAPIEN Technologies, Inc.
User avatar
166506
Posts: 3
Last visit: Sun Mar 03, 2019 4:37 am

Re: Unable to build a trusted package

Post by 166506 »

Thanks ALexander for your quick reply.
It make sense, but I am using a AlphaSSL Wildcard Certificate it has a GlobalSign Root CA.

Can you advice me a type of cert issuing authority is trusted on all (most) windows 10 machines? We are building a app which our customers can download but than the tool just has to work on the client machine.
Any advice is welcome!
User avatar
Alexander Riedel
Posts: 8478
Last visit: Tue Mar 26, 2024 8:52 am
Answers: 19
Been upvoted: 37 times

Re: Unable to build a trusted package

Post by Alexander Riedel »

I am not sure what certificate you have there, but it sounds like you are using a website certificate.
What you need is a code signing certificate. There is a very important distinction between code signing certificates and simple TLS/SSL certificates.

We can not recommend or endorse any one vendor, but this is an example of what you would need:
https://trustcenter.websecurity.symante ... _cs_ma_buy
Alexander Riedel
SAPIEN Technologies, Inc.
User avatar
166506
Posts: 3
Last visit: Sun Mar 03, 2019 4:37 am

Re: Unable to build a trusted package

Post by 166506 »

Great support, thanks Alexander for pointing me in the right direction!
This topic is 5 years and 2 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.