'Windows 8 Certificate Warning: We can't verify who created this file
Despite successfully signing my C++ app on Windows 8 with signtool with a valid timestamp server and certificate, when I (local) or my users (remote) attempt to run the app, Windows displays the following message:
Open File - Security Warning We can't verify who created this file. Are you sure you want to run this file?
I am using signtool with a Comodo certificate and sign with options /f, /p, and /tr. I am confident that the signature is successful because it removes most of the runtime security warnings for my users.
'Security Warning' Dialog:
Solution 1:[1]
It seems that Microsoft, in 2013, made a change to Windows such that executables opened from a network drive will ALWAYS give this warning, even if they are signed. Source (it is brought up in the comments section by Kraig Whiting): Everything you need to know about Authenticode Code Signing - IEInternals - MSDN Blogs (archive link)
It seems the only way to make this go away is to do what user4437298 suggested, which is to add the network drive as a trusted zone.
Solution 2:[2]
Add your z:\ drive to trusted sites in internet explorer local intranet advanced options
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | wjandrea |
| Solution 2 | user4437298 |