With all the hard work you’ve put into your apps and helping market them to customers, the last thing you want is for customers to cancel a download because your app no longer has a valid certificate. To ensure you are free of any barriers, the Intel® Developer Zone is continuing to subsidize new certificates for Intel AppUp® developers and covering the cost of certificate renewals for the next year.

In this article, you will see the end-user experience with an expired certificate and the steps you need to take to keep your apps up to date with their certification.

Having an expired certificate is as good as an unsigned application. When trying to download and install your application, the end user is prompted with a warning message indicating that the application does not come from a trusted source. The additional level of trust you would like to provide to an end-user with a valid certificate is lost and the user can choose to cancel the download of your application. The example shows the message for an application with expired certificate:

An application with an expired certificate will not be unpublished from the Intel AppUp® center. It will continue to install if the user chooses “Run”. Also, there are no implications for apps that are already downloaded and installed. However, we strongly recommend that you keep your application signed at all times.

The certificate issued through Comodo for Intel AppUp® developers is valid for 1year from the date it was issued. You can also check the expiry date of the certificate by running the below command on a signed application:

signtool verify /v /pa app_name.msi

Make sure that you run this command from the Windows SDK installation folder for Signtool.

If you have a certificate from a Certificate Authority (CA) other than Comodo, it is possible that you have purchased a certificate for a higher validity period. You can use the signtool command above to check the exact expiration date on your certificate.

The certificate renewal process delineated here applies to developers who obtained a certificate through Comodo from the Intel Developer Zone portal starting July 2011. Depending on when your certificate was issued, these certificates will expire a year from issuance date. Please follow the steps below to obtain a renewed certificate:

Note: Renewal orders will be accepted starting 12th June 2012 through the Intel Developer Zone portal.

1. Log in to software.intel.com
2. Select the same Organization Name, Organization address that you used to place the first order. Place the certificate order.
3. Comodo will reuse the documents provided during the first order validation to verify the second order and issue the renewal. No additional documents will be needed to validate your order.

If your organization credentials have changed, your order will be treated as a fresh order, and you will be required to provide documents that will verify the validity and accuracy of information provided in the order form.

If you have a certificate from a different CA and wish to obtain a code signing certificate through the Intel Developer Zone, you can place a new order through software.intel.com through Comodo.

The cost of the code signing certificate will continue to be subsidized through 2012.

1. Obtaining a code signing certificate from Comodo
2. Documents required for code signing
3. Singing MSI/EXE files
4. Signing JAR files
5. Code signing tools