Had enough of expensive third party digital certificate platforms on Windows? We have.
If you develop apps for the Windows or macOS platforms, you’ve probably wrestled with digitally signing your apps. In the case of both operating systems, they punish you in similar ways. They make your app look untrustworthy. On Windows, if this shows up, you have to click the More info link, and then click a Run anyway option.
You don’t want that.
There is a long held belief in software marketing that if you don’t reward your user within 5 minutes (barring other extremely compelling reason), the chances of your app being used at all drops considerably. Offer more than one frustration and they will run the uninstaller.
Historically on Windows, you paid a third party code signing company to provide you with a certificate that often lasts only a year and costs anywhere from $300 and up (a lot up). It used to be a fairly automated and low overhead service which led to even companies like GoDaddy to get involved. Standards changed and the lower budget options disappeared. Also, along with those standards changes, there was considerable consolidation in the ‘signature’ market, with old certificate provider sites remaining active but leading to fewer actual providers that don’t really know the differences between the products they sell.
If you’ve shipped on macOS for a while, you know that certifying on the Mac is rather cheap. Now you can get an equivalent cheap for Windows, remarkably offered by Microsoft.
Hannes Mühleisen over at DuckDB turned me on to this fantastic blog post Code signing on Windows with Azure Trusted Signing by the developer Sudara when I was reviewing options for digitally signing Valentina Studio on Windows.
Now for the caveat.
At this point, it looks like it is still only open to US and Canadian businesses with a history of three years or greater, but that could change at any time. Even at just $9.99 a month, this can be a major revenue generator for Microsoft. They never leave money on the table.
This requires a Microsoft Azure subscription, and the cost runs $9.99 per month.
Just like it sounds, you are self-certifying digitally by way of Azure. So yes, you have to give some money to Microsoft. You’ll have to get over your lingering rage from when you got a Zune instead of an iPod for Christmas. And yes, Co-Pilot is intertwined with it. I found it actually did provide some helpful answers.
The interface with Azure isn’t without complication. It is very complicated, but it isn’t any more annoying than the Apple Developer Connect system. Also, since Sudara wrote his blog post, there have been a number of UI changes on Azure. However, having gone through the process start-to-finish, you shouldn’t have any major problems. But here are two tips to consider:
Don’t miss or skip a step in Sudara’s blog post. Some of them have been remapped but fortunately, just follow the button labels and you’ll do fine.
When you reach the step when Azure assures you that the validation is “In Progress”, make sure you check any details panels. There are several times you have to validate accounts, roles and email accounts. At least one can sit during the “In Progress” step and, if you do not complete it, the validation will never complete. Yes, I made that mistake. Once I found the hidden validation message, the process was complete a few hours later.
And there you have it.
You’ve cut your certification costs in at least half. Download our free Valentina Studio software ,run the installer and you can see the result.
See the original version of this post on the official Paradigma Software forum.