Reputation: 22010
How important is it to digitally sign our executables?
We produce a content management system. It's a database-based system, used only by businesses and organizations, and never downloadable from the Internet. That is, it's not the kind of software someone might stumble upon and wonder what it is and whether it's safe to run. Over the 20+ years our system is being sold, its executables have never been digitally signed. Is it time for us to start signing them?
For starters, I can think of a few pros and cons:
- Pro: If using Verisign certificates, Windows Error Reporting can be used
- Pro: When Windows Vista and Windows 7 show one of those annoying UAC messages, signed applications are presented a bit more nicely
- Con: Certificates cost money. Not a lot, but if they're useless it's too much
- Con: Signing has some maintenance overhead, how much I don't know.
Upvotes: 12
Views: 3080
Answers (3)
Reputation: 144
From the tech side you already stated the pros/cons.
From the business point of view it depends on your users, maybe if you are selling B2B it wouldn’t matter as if you were selling B2C or to less savvy users whom would appreciate more a nicer UAC message.
Honestly, I wouldn’t worry.... If you haven’t had the urge and can't find a really good reason, then it’s not important yet.
I'd rather spend those efforts improving something else.
Upvotes: 1
Reputation: 34393
Pro: If using Verisign certificates, Windows Error Reporting can be used
Actually, to use Windows Error Reporting you need Verisign or other code accepted signing certificate, but you need the certificate only to access the WinQual system. The exe itself does not have to be signed at all, the error reporting works absolutely fine on unsigned exes as well.
Con: Signing has some maintenance overhead, how much I don't know. Would love to here from you...
The maintenance overhead highly depends on the quality of your build pipeline. If you build your application manually, then yes, it means a few more steps. However, if you have a build pipeline and your builds are automated, code signing means adding a few lines into the build scripts and storing the private key of the code signing certificate so that the build can access it (if you have a build server, your code signing certificate will most likely need to be stored on it).
Pro: When Vista/7 show one of those annoying UAC messages, signed apps are presented a bit more nicely
As for UAC prompt - does you application really need elevated or admin privileges to run? The best way to avoid this prompt is not to require any elevated privileges at all.
Upvotes: 4
Reputation:
Signing has some maintenance overhead, how much I don't know.
I believe if you distribute signed executables, all dependent libraries have to be signed as well. If you're using some third-party modules over which you have no control, you can get an issue.
Upvotes: 0
Related Questions
- Signed executables under Linux
- Signing .EXE executables for free (CAcert)
- How can I digitally sign an executable?
- Signing windows .NET executable
- code signing windows software: just the installer, or also the main app itself?
- Signing binaries of open-source projects
- Digitally signing an application that is compiled from source file?
- Signed binaries for digital signatures
- Digitally signing an executable, trusting its requests on the server
- Signing executables for Windows