Show/Hide Toolbars

All-In-One Protector 8

Navigation: Part I - Learning the Basics > Detail explanation of all screens > TAB - Publish > Publish for Download

Sign installer and application

 Scroll Prev Top Next More

 

Using a digital code signing certificate confirms the code’s origin and assures users that a malicious third party has not inserted malware. The signature is also analyzed from the operating system when a file is downloaded.

 

If a signature is missing for the download package, the user probably gets a warning message in case the download file is an EXE file. If the download file is a ZIP file, the download mostly works without displaying an error but is most often checked by an antivirus program once the file is unzipped. To prevent the warning message , you can sign the installation package (an antivirus program can still report a false warning even if the file is signed).

 

You can buy a code signing certificate from different vendors like www.digicert.com, www.comodo.com, http://www.thawte.com or https://www.symantec.com/

 

All Windows All-In-One Player applications are already signed except for the All-In-One Protector Application Viewer. This is because you can change the icon of the All-In-One Protector Application Viewer and therefore a signature is not possible. To check, if the All-In-One Player you use is signed, right mouse click on the EXE file, Properties, TAB Digital Signature. If the All-In-One Player  is not signed, this TAB is missing. Some companies only allow to run signed EXE files. If you want to be on the save side, either sign the file with your own certificate or uncheck the option: Minimize All-In-One Protector Player file size. This will include the full player application which is signed but the icon cannot be changed and the file size is larger.

 

 

Starting from the latest Mavericks version (10.9.5) you need to sign the .APP file and in case you have an own installer package, the installer package too. To get a certificate, you have to register as an Apple Developer - https://developer.apple.com and request a certificate for: Developer ID Application

 

This applies only for download versions and for .APP protection. USB flash drive versions work without a signature and the All-In-One Protector PDF Viewer for MAC is already signed.

 

If you do not sign the files, the user would get the following message:

 

 

The user would then have to change the security setting (allow apps downloaded from Anywhere), to allow to run your APP

 

 

 

Signing the files

The following steps require that you are familiar with the MAC code signing. For details check this article

 

You have to sign your .APP file and the All-In-One Player application, as your .APP file is merged with the All-In-One Player

Sign your .APP file before you add the protection (e.g. with codesign -s 'Developer ID Application: Your Company (YOUR ID)' /projects/Font3unprotected.app)

Create the protected version

Copy the files created with Publish for Download or the file from Publish for All-Media to a MAC computer with OS X 10.9.5 or newer

Unzip it only on the MAC computer (never on Windows)

 

Now you are ready to sign the All-In-One Player app

 

Start the Terminal application

codesign -f -s 'Developer ID Application: Your Company (YOUR ID)'  /projects/Font3forMAC.app

 

In this example the name of the protected application would be: Font3forMAC

 

To test if the file signature is OK

 

codesign --verify --verbose  /projects/Font3forMAC.app

 

Now you can ZIP the file or create a download package, which you would have to sign with an installer certificate.

 

Protected file is visible on the folder

If you unchecked the option: Hide Main Application, your APP file will be visible on the folder. You have to sign the file again as it was modified (only required with protection level - high and medium).

 

codesign -f -s 'Developer ID Application: Your Company (YOUR ID)' /projects/Font3unprotected.app