2

I have created several applications, these are deployed on the server and will be opend by the user from the network. Each time a user opens a application they get confronted with a security warning:

Open File - security warning We can't verify who created this file. Are you sure you want to run this file?

Is it possible to supress this message by code? I found an article that says I need to Sign the application but unfortunately this is not help. Another article I found says I need to manual change the security level, but that is not what I want. I just want Windows to trust my applications.

Uwe Keim
  • 39,551
  • 56
  • 175
  • 291
Cageman
  • 513
  • 3
  • 22
  • http://meta.stackexchange.com/questions/10647/how-do-i-write-a-good-title – Soner Gönül Mar 27 '14 at 15:10
  • 8
    `I just want Windows to trust my applications.` And how does Windows know your applications aren't distributing viruses? – outis nihil Mar 27 '14 at 15:14
  • Even viruses don't throw this message, strange answer...so how can I let Windows know that it save to run? – Cageman Mar 27 '14 at 15:49
  • 2
    Of course you cannot do this from code, because them every piece of malware would do so. See [How to get rid of “the publisher cannot be verified” on network files?](http://superuser.com/questions/341091/how-to-get-rid-of-the-publisher-cannot-be-verified-on-network-files) on SuperUser.com. – CodeCaster Mar 27 '14 at 15:51

1 Answers1

2

You have to sign your application with an so called "Microsoft Authenticode Certificate". Furthermore you need to register the Certificate as Trusted Publisher on all affected machines (easy if you are in an business environment with an Active Directory).

You could use the Windows Certificate Snapin (press CTRL + R and type Certmgr.msc) to display all installed certificates on your machine. There you will find a folder named trusted puplisher. However this is only possible in business environments where you have some kind of control over the network (active directory etc.). If you're distributing your application over the internet you will have a hard time ;)

Remember, certificates are about trust and there is a reason for this warning because an *.exe file could indeed harm your computer.

EDIT: helpful post about Microsoft Authenticode Certificates

Community
  • 1
  • 1
Joel
  • 4,862
  • 7
  • 46
  • 71
  • It will be published in an business environment with an AD indeed, and I see only certificate that cost money. Isn't it possible to create your own certificate? Like I said befor, I found an article wich lead me to: "right click on the project > signing > 'check' sign the assambley" and here I signed it, don't know if you mean this? – Cageman Mar 27 '14 at 16:25
  • I'm facing the same problem in our business environment. You could create your own certificate and use it to sign your application and publish it to all clients in your active directory. I wasted two business days trying to do so ;) Convincing my boss to spend a few hundred $$ for a "professional" certificate was much easier – Joel Mar 27 '14 at 16:33
  • ..but if you really wan't to go the 'hard' way, here is a point to start: http://msdn.microsoft.com/en-us/library/bfsktky3(v=vs.110).aspx – Joel Mar 27 '14 at 16:39