We are happy to announce that NISE is now a member of the Microsoft BizSpark program for startup companies.

BizSpark is a program which offers new software businesses and entrepreneurs access to Microsoft design, development, and production tools with no upfront costs for up to three years. Members can also connect with a nationwide community of Network Partners - investors, incubators, service providers, and entrepreneurial organizations - who are keen to help.

We will work hard and do our best to make sure we are one of those successful startups Microsoft is looking to foster.

More About BizSpark
http://www.microsoft.com/BizSpark

NISE @ BizSparkDB
http://www.microsoftstartupzone.com/bsdb/search.aspx?id=3000

Every program is checked for a Digital Signature before it runs and if there's no valid signature present a security warning dialog (Screenshot2) appears. To me, that's just look a bit unprofessional. That's not what I want. I don't want to be the Unidentified Publisher. I don't want that my customer get's the advice "Don't run the program unless you know where it's from or you've used it before". What I want is to assure the integrity and authorship of my app (Screenshot1). So I have to sign it.

To sign files you need two things, you need a program to perform the signing operation and a code-sign certificate from a trusted CA vendor such as Thawte, Verisign or others. For Windows platforms you can use a tool named Signtool.exe which is shipped with MS Platform SDK (VS2008 Team Edition includes the latest platform SDK). To perform the signing operation, type the following command into the cmd shell: 

Signtool sign /f codesigncertificate.pfx /p <certificatepassword> / <url_to_timestamp_server> <all_your_files_to_sig_in_one_line>

 
That's it, but only if you want to sign your files manually.
For strong proponents of automated builds in one step (like us) you can wrap it up in an MSBUILD Exec task.

<Exec Command="signtool.exe sign /f $(codesigncertificate) /p $(certificatepassword) /t $(url_to_timestamp_server) @(files_to_sign, ' ')"/>
 
Now, you are not any longer the Unidentified Publisher.

(download)

Click here to download:

Not_any_longer_the_Unidentifie.zip (43 KB)