Summary
Sign the Datum Desktop Windows installer EXE so Windows recognizes the publisher and reduces warnings.
Motivation
Unsigned installers show "Unknown Publisher" and create friction for users installing Datum Desktop.
Code signing improves trust and install success, and reduces blocking behavior in Microsoft Edge downloads.
Goals
- Sign Datum Desktop Windows installer during build/release
- Use SHA256 signing with timestamp
- Ensure "Datum" shows as publisher in Windows
- Improve Microsoft Edge download and run experience (reduce blocking/warnings)
Non-Goals
- EV certificate (future consideration)
- Microsoft Store distribution
Implementation
- Obtain a code signing certificate (OV or EV) for Datum
- Install Windows SDK (includes SignTool)
- Securely store certificate (CI secret or hardware token for EV)
- Add signing step to release pipeline
Example:
signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /a datum-desktop.exe
- Verify signature:
signtool verify /pa datum-desktop.exe
References
- SignTool documentation: https://learn.microsoft.com/en-us/windows/win32/seccrypto/signtool
- Signing guide: https://learn.microsoft.com/en-us/windows/win32/appxpkg/how-to-sign-a-package-using-signtool
Acceptance Criteria
- Datum Desktop installer is signed in CI/CD
- Windows shows valid publisher (no "Unknown Publisher")
- Microsoft Edge allows download and run with reduced warnings
- Installer installs without major SmartScreen blocking
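
Added example, not part of the issue or of Datum's pipeline: a PowerShell release step that runs the two SignTool commands above and then fails the build unless the signature is valid, timestamped, and names the expected publisher. It assumes `signtool.exe` is on PATH, that a signing certificate is available in the runner's certificate store for `/a` to select, and that the certificate subject CN contains "Datum"; the parameter names are illustrative.

```powershell
# Added example: signing gate for a release job (hypothetical script, not the project's own).
param(
    [string]$Installer         = 'datum-desktop.exe',             # file name used in the issue
    [string]$TimestampUrl      = 'http://timestamp.digicert.com', # timestamp server used in the issue
    [string]$ExpectedPublisher = 'Datum'                          # assumption: substring of the cert CN
)
$ErrorActionPreference = 'Stop'

# Assumption: the Windows SDK bin directory is on PATH. Get-Command throws if it is not.
$signtool = (Get-Command signtool.exe).Source

# Sign with a SHA256 file digest and an RFC 3161 timestamp (SHA256 digest);
# /a lets SignTool pick the best matching certificate from the store.
& $signtool sign /fd SHA256 /tr $TimestampUrl /td SHA256 /a $Installer
if ($LASTEXITCODE -ne 0) { throw "signtool sign failed (exit code $LASTEXITCODE)" }

# Verify against the default Authenticode verification policy.
& $signtool verify /pa $Installer
if ($LASTEXITCODE -ne 0) { throw "signtool verify failed (exit code $LASTEXITCODE)" }

# Independent check through PowerShell, so the job does not rely on SignTool alone.
$sig = Get-AuthenticodeSignature -FilePath $Installer

if ($sig.Status -ne 'Valid') {
    throw "Signature status is '$($sig.Status)': $($sig.StatusMessage)"
}

# The publisher Windows displays comes from the signer certificate's subject.
$cnPattern = "CN=[^,]*$([regex]::Escape($ExpectedPublisher))"
if ($sig.SignerCertificate.Subject -notmatch $cnPattern) {
    throw "Unexpected signer subject: $($sig.SignerCertificate.Subject)"
}

# Without a timestamp the signature stops validating once the certificate expires.
if (-not $sig.TimeStamperCertificate) {
    throw "Signature on $Installer carries no timestamp"
}

Write-Host "Signed by: $($sig.SignerCertificate.Subject)"
Write-Host "Cert thumbprint: $($sig.SignerCertificate.Thumbprint)"
Write-Host "Timestamped by: $($sig.TimeStamperCertificate.Subject)"
```

Logging the thumbprint in the job output gives a record of which certificate signed each release.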