[Solved?] Problem with latest Setups / GSA Products

SvenSven www.GSA-Online.de
edited June 24 in Other / Off Topic

When downloading any of our GSA Products, you might see the following Popup from Windows:



Let me explain what happened:


Nowadays you need to sign every executable to not get a "Yellow Warning" popup from Windows when trying to execute a setup or file that wants admin rights. So for many years now it is a common behavior for developers to buy a certificate and sign your setups.

Buying such a normal "code signing" certificate is usually for one year and costs around 100 USD. The verification procedure is always a pain and they call you up (usually big call centers from India, not calling in your time zone) to verify your identity.
Having a certificate ordered before doesn't mean you can skip such verification process on the next year. OK you get me, it's a pain for years but I got used to it.

However, lately Microsoft thought that now with the spying Windows 10, where all is sent to MS-Headquarter in background..."Why not judging how safe a certificate is by counting the amount of installations by that signed setup?". A new certificate each year means to collect as many installations by that new certificate as possible to get it approved.
Large companies didn't like that idea and soon a new type of EV certificate was advertised. Of course a lot more expensive and offering INSTANT approval by MS.

As we had problems this year with getting our new normal certificate approved, we where forced to buy this EV certificate and refunded the previous normal one.
In the end we had the currently used certificate being blocked and the new one is not delivered. I don't know when this will happen as they are shipping it by post (not in office either due to COVID19).
And now...You get this "red warning" popup box whenever trying to execute our setups. Im sorry, but this is not our fault at all...it's MS and the certification industry that squeezes out all money it can from small developers as us.

The comodo (now owned by sectigo.com) support is a mess. They reply by emails/support queries not at all or days if not weeks later. An on and off with agreements to sign, missing or incorrect data and papers where you are suppose to write a long company name in a 10 letter space.

Im soooo frustrated about this and seems Im not alone.

Anyway, here is a quick solution:

DISABLE SmartScreen which is responsible for these popups by running C:\Windows\System32\SmartScreenSettings.exe

Im sorry but right now it's the only way I guess.

Comments

  • Sven, we are with you! Should it be Yellow warning or Red, or All kind of color warning, we don't care!
    Thanked by 1Sven
  • SvenSven www.GSA-Online.de
    UPDATE 25th June
    They have finally approved the EV certificate and are now shipping it to us via UPS. Fingers crossed that we will soon be able to release updates again.
  • BDSBDS India
    KYRIAKOS said:
    Sven, we are with you! Should it be Yellow warning or Red, or All kind of color warning, we don't care!
    I agree, I ignore such warnings
  • SvenSven www.GSA-Online.de
    edited June 30
    UPDATE 30th June
    The etoken arrived but is unusable. The password does not match and I am again in a waiting loop for there support. One good advise: NEVER order anything at comodo or sectigo.com! Lesson learned!
  • SvenSven www.GSA-Online.de
    edited July 3
    Update 1st July
    I have now issued a refund (last day in 30day time period I can do this) and will use another provider. I really advise anyone to NOT order from comodo or sectigo. If only I would have read on TrustPilot before.

    So lets see what else we have...ssl.com is my next try for a good and reliable EV certificate WITH Support.
  • DeeeeeeeeDeeeeeeee the Americas
    I was unaware of any of this. Very interesting.  Annoying warnings! :(
    It sucks that GSA has to deal with this nonsense...
    Sven, I hope that you can find a solution soon.
    What a waste of time.
  • SvenSven www.GSA-Online.de
    Update 8th July
    Another week passed and Im waiting for ssl.com to verify and deliver the certificate. The whole certification industry seems to be a mess really. What can be so difficult in verifying that we are a legit business!? There are directories and gov-sites to do the research online. Just a few clicks and it's done.
    Anyway, we are awaiting there call back now...awaiting that for 3 days now as I was promised to have that on Monday. Nothing for now.
  • SvenSven www.GSA-Online.de
    edited July 25
    Update 9th July
    We have received the phone call back asking us all things of data everyone could see online. Nevertheless it is done now and we are awaiting the certificate (as I was hoping).

    Update 13th July - 22th July
    I was away for a week since my last update and I was expecting the certificate lying on my desk, but nothing. I was nagging the ssl.com support almost daily asking for the certificate and the next steps. Each time they said they will hand it over to the verification team, but nothing after that.

    Update 23th July
    I was finally able to talk to the verification team directly (time zones matter). They said a second review would always be needed but also finished today and my certificate would be shipped the next day.

    Update 24th July
    The certificate was finally shipped and is now on the the customs (Zoll in German). I have sent them my EORI number and hope to finally have the certificate in my hands in the mid of next week. Though I will not be available for the next week and hopefully can work normally on 2nd of August and provide updates the normal way.
  • SvenSven www.GSA-Online.de
    Update 3rd August
    We finally got the certificate and actively using it now. Over the next days you will see updates on probably all our GSA products (even on tiny bugfixes) to quickly have the new certificate out in the wild.
Sign In or Register to comment.