The Intel AppUp® center requires that all .msi or .exe application installers or .JAR files to be signed using a valid certificate. Intel AppUp is currently offering developers an opportunity to obtain a valid certificate from Comodo at no cost.
http://software.intel.com/en-us/articles/signing-authority-disclaimer
Once you get the certificate, you will have to install it from the browser. The same browser should be used to apply and install the certificate. We recommend using FireFox.
To make app signing easier, Intel has created a simple app signing tool that works for MSI, EXE, JAR files.
It will automatically propose you to use the installed (and valid) certificates from your computer, but you can also drop in a .pfx file to use additional certificates.
This article shows you how to extract an installed certificate as a .pfx if you need to do so: http://software.intel.com/en-us/articles/how-do-i-get-code-signing-certificate-certifying-authority
Timestamping
We also require that the file is timestamped. This is useful because it allows it to be trusted after certificate expires. The timestamping server doesn't need to match the signing certificate. However, for apps that use comodo certificate, they can leave the default settings at http://timestamp.comodoca.com/authenticode.
If you are signing a JAR file, please download the Java SDK first:
http://www.oracle.com/technetwork/java/javase/downloads/index.html
Additional Resources
You can also manually sign your file using the command prompt and read other app signing resources.
- http://software.intel.com/en-us/articles/signing-msi-files
- http://software.intel.com/en-us/articles/signing-jar-files
- http://software.intel.com/en-us/articles/Application-Signing-FAQs
- http://software.intel.com/en-us/articles/maintaining-valid-certificates
- http://software.intel.com/en-us/articles/code-signing-issues-and-solutions
| Attachment | Size |
|---|---|
Download  codesigningutility.zip | 355.44 KB |
Comments
Very nice tool. Simple to sure and looks great.