Making things worse is Microsoft’s Internet Explorer security warning each time a Vista or Windows 7 user starts to download software from the web – “The publisher could not be verified. Are you sure you want to run this software?”

You can sell more software if you eliminate this frightening message. All it takes is an Authenticode code signing certificate.

If you sign your downloads, your prospect will still see the “Are you sure you want to run this software?” part of the warning message. But they won’t see the “publisher could not be verified.” portion.

And, with a single click, end-users can view your certificate and feel comfortable that they’re downloading exactly what they expected to download. The code signing certificate ensures that the downloaded file has not been tampered with after the original publisher created it.

With a code signing certificate installed, software developers can sign EXE, CAB, DLL, COM, OCX, JAR, VBA, Mozilla object files, Silverlight files, Active X controls, and MacOS 9+ files.

Code signing is an effective way to increase software sales by minimizing the risk associated with downloading files from the Internet.

To learn more about buying an affordable Code Signing certificate from K Software, visit http://codesigning.ksoftware.net/

So you’ve purchased a code signing certificate from our store? Great! If you used FireFox to place the order then you’ll now need to export your certificate from the certificate store into a PFX file that you can use with the utilities that perform the code signing. This blog post will walk you through doing that.

If you ordered using Internet Explorer, click here to go to the post about exporting with IE.

To export a stored code signing certificate from FireFox to a PFX file follow these steps :

There are two ways to open the FireFox “Options” Window. The first is to just click the Tools menu. If you don’t see the Tools menu, you might need to do this  :

The new default location of FireFox Options (for those that don't have a "tools" menu)

If you have the Tools menu at the top of the FireFox window, click it, then Options, then the Advanced Button (far right, top), Encryption tab, then the View Certificates button  :

Firefox Code Signing Export - Step 1

 Click the Your Certificates tab at the top, then Select YOUR company name (where you see K Software in the screenshot), click Backup :

Firefox Code Signing Export - Step 2 ** Depending on when you ordered, you might see "Comodo Code Signing CA 2" instead of "COMODO CA Limited"

FireFox requires a password for the PFX file.

Type in any password you like but REMEMBER WHAT YOU ENTER!

Firefox Code Signing Export - Step 3

Click OK and that’s it! FireFox will ask you where you want to save the PFX file – save it anywhere. The file is portable and can now be copied to any computer.

Additional Note : FireFox might save the file with a .p12 extension – that’s OK! Just rename the file to .pfx and you can use it with any of the code signing tools.

So you’ve purchased a code signing certificate from our store? Great! If you used a new(er) version of Internet Explorer then you’ll now need to export your certificate from the certificate store into a PFX file that you can use with the utilities that perform the code signing. This blog post will walk you through doing that.

Though these screen shots are from Windows XP the process is the same on Windows Vista and Windows 7.

To export a stored code signing certificate to a PFX file follow these steps :

Open Control Panel, click Internet Options.

Step 1

Click the Content tab. Click the Certificates button.

Step 2

Select the Personal tab, then click the certificate you would like to export.

Comodo certificates will be “Issued By” UTN-USERFirst-Object like in the above screen shot or, starting in 2011, by “COMODO Code Signing CA”.

Step 3

Click the Next button

Step 4

Click the option “Yes, export the private key”. Click the Next button.

Step 5

Select the option Personal Information Exchange. Check the first two boxes and optionally the third box. Click the Next button.

** Windows Vista / Windows 7 Users : You may not have the “Enable Strong Encryption” option – that is OK! Check the “Export all extended properties” option.

Step 6

Optionally password protect the private key. Click the Next button.

While password protecting the key does provide a great deal of security (only those with the password can code sign), you MUST remember the password – it cannot be recovered.

The only thing left to do after step 6 is to choose where to save the PFX file and click Finish!

While not guaranteeing bug-free code, Authenticode identifies the publisher of signed software and verifies that it hasn’t been tampered with, before users download software to their PCs - technet.microsoft.com/en-us/library/cc750035.aspx

Authenticode is commonly referred to as Code Signing because a “digital signature” is attached to .EXE and other files that is used to determine if the file has been modified since being “signed” by the publisher.

The way most users have run across Authenticode is likely by downloading a piece of software and seeing a rather nasty “Unknown Publisher” warning from the web browser (or Windows). Does this look familiar to anyone?

That is an example of an Unknown Publisher download warning in Windows Vista.

Now an example of the same warning, but for a file that has been digitally signed (by K Software) :

If you click on the linked K Software text you can see the details of the certificate :

Note the “This Digital Signature is OK” message. If you don’t see that on the certificate details page then you should not run it as the file has been modified since the publisher signed it (it could have a virus or contain some other sort of malware).

What Authenticode is Not

Authenticode (Code Signing) is not a guarantee that the software that has been digitally signed is bug free or even virus/malware free. All a digital signature says is “this file has not been modified since it was signed by the publisher”. Having said that it is worth noting that obtaining a code signing certificate is not free and that companies or individuals that apply for a code signing certificate do have to pay a fee and do have to prove their identity to the company that issues the certificate.

K Software is an authorized Comodo reseller and offers Comodo Code Signing Certificates at a significant discount. Read more.