topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 6:36 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Portable FARR - File Altered? Problem with Cert?  (Read 4014 times)

rustymonkey

  • Participant
  • Joined in 2012
  • *
  • default avatar
  • Posts: 5
    • View Profile
    • Donate to Member
Portable FARR - File Altered? Problem with Cert?
« on: May 15, 2015, 09:38 AM »
Hi,

I just tried updating to FARR Portable 2.223.01 (on Win 8 ), but when I attempt to run the .exe, I get a windows error:

Windows smartscreen prevented an unrecognized app from starting. Running this app might put your PC at risk.
Publisher: Unknown Publisher
App: FindAndRunRobot.exe

Upon examining the certificate associated with the .exe it seems that Windows considers that "One of the countersignatures is not valid. The file may have been altered". See images re. the cert below.

FARR_cert1.jpgFarr_cert2.jpg

Any idea what the problem might be? I've reverted to my previous version for now (it doesn't exhibit this issue).

Thanks for a great app!

-Rusty

Ath

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 3,612
    • View Profile
    • Donate to Member
Re: Portable FARR - File Altered? Problem with Cert?
« Reply #1 on: May 15, 2015, 01:04 PM »
The file is not altered, but it's signed with a code-signing certificate that uses SHA1 hashing algorithm that is deprecated by (a.o.) Microsoft and Google.
Microsoft wrote down their policy this way: http://blogs.technet...recation-policy.aspx
Google has been publishing their intent in this article: http://googleonlines...unsetting-sha-1.html

On the InstallSite blog an article in this direction is also written:
...
It only seems to affect setups that are being digitally signed.

The problem is caused by Windows Update KB3004394 which updates the way Windows checks for revoked root certificates.
...
Full article: http://blogs.msmvps....-command-line-build/
Newer versions of InstallShield just fail to digitally sign the executable, but the Portable build and Inno Setup installer that are used for SC signing doesn't seem to fail, but it's your OS that fails to accept the Certificate chain-in the file.

I guess mouser needs to update his code-signing certificates to SHA2 (aka sha256) versions (my employer also has to, but we're already due for this update in a couple of months).

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Portable FARR - File Altered? Problem with Cert?
« Reply #2 on: May 15, 2015, 02:29 PM »
oy that sucks, it's bound to confuse people and cause problems.
Thanks for the links Ath, looks like i have to change the hashing algorithm and/or generate new code signing certificates.  I'll try to do so this week.