KeePass 2.26 not signed

  • xfacter

    xfacter - 2014-04-13

    The new version for windows does not seem to be signed/certified. Will we be getting a signed version soon?

  • wellread1

    wellread1 - 2014-04-13

    When you use KeePass you are entering into a direct trust relationship with the KeePass authors. You can verify the authenticity and integrity of a downloaded version of KeePass by confirming a match between the Hash published by the authors with a computed Hash of your downloaded version. For details see

    Various other signatures and keys to verify your download are available via links at the bottom of the downloads page.

    KeePass releases are not signed with a commercial digital certificate or certified by a certificate authority. For an explanation of code signing see

    Last edit: wellread1 2014-04-13
  • xfacter

    xfacter - 2014-04-13

    I see. When I launch the 2.26 setup it prompts me that it is not signed. This does not happen when I launch the 2.25 setup. I suppose this could be because I have previously allowed it to launch in the past.

  • wellread1

    wellread1 - 2014-04-14

    The warning messages also display on current OSes with earlier version KeePass setups (e.g. 2.25).

  • Paul

    Paul - 2014-04-14

    You probably need to right click on KeePass-2.26-Setup.exe, select Properties and Unblock.

    cheers, Paul

  • Shivan

    Shivan - 2014-10-17

    But what is there against signing the application and installer with a certificate?

    For open source it can be get, free here:

    I think that's easier than manually checking md5 or something else.


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks