Hi,
I build my own Veracrypt thanks to your instructions to install it in my organization computers, and I'm very grateful to you.
Now I need to digitally certify the software to make my organization the publisher,
Please guide me where I can purchase the EV and please give me full guide.
Thanks.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I don't have a guide for EV certificates. You can check website of CAs like DigiCert or GlobalSign for details. Only be sure to choose EV code signing certificate and not standard one.
For example (there are others):
Hello, I do not want to take up your time, but I am tired of searching and trying. I have completed the modifications to the version of veracrypt that I want for the company in which I work, and I purchased the EV code as you advised me in your previous email, and I modified the Sign.bat file, I modified only the hash following sha 1 and replaced it with the one I purchased from Global Sign , but when I run the setup file, the same error appears, stating that the program is not registered, as if I did not do anything. Can you advise me to do something or can I change this from within the code?
I have signed the original Veracrypt version downloaded from github and worked fine, this problem appear only when i sign the modified version still shown the message windows cannot verify the digital signature etc, Please Help Me .
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
@ameerme90: sorry for the late feedback. Your issue is documented here: https://veracrypt.fr/en/CompilingGuidelineWin.html#KnownIssues
Basically, you need to modify Dlgcode.c to set the modify gpbSha512CodeSignCertFingerprint so that it contains the SHA512 hash of your code signining certificate instead of IDRIX one.
👍
1
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
I build my own Veracrypt thanks to your instructions to install it in my organization computers, and I'm very grateful to you.
Now I need to digitally certify the software to make my organization the publisher,
Please guide me where I can purchase the EV and please give me full guide.
Thanks.
Hi,
I don't have a guide for EV certificates. You can check website of CAs like DigiCert or GlobalSign for details. Only be sure to choose EV code signing certificate and not standard one.
For example (there are others):
VeraCrypt official binaries are signed using a GobalSign code signing certificate.
Once you have your EV certificate, you can modify sign.bat to sign the binaries with your certificate.
I hope this will help.
Hello, I do not want to take up your time, but I am tired of searching and trying. I have completed the modifications to the version of veracrypt that I want for the company in which I work, and I purchased the EV code as you advised me in your previous email, and I modified the Sign.bat file, I modified only the hash following sha 1 and replaced it with the one I purchased from Global Sign , but when I run the setup file, the same error appears, stating that the program is not registered, as if I did not do anything. Can you advise me to do something or can I change this from within the code?
I have signed the original Veracrypt version downloaded from github and worked fine, this problem appear only when i sign the modified version still shown the message windows cannot verify the digital signature etc, Please Help Me .
@ameerme90: sorry for the late feedback. Your issue is documented here: https://veracrypt.fr/en/CompilingGuidelineWin.html#KnownIssues
Basically, you need to modify Dlgcode.c to set the modify gpbSha512CodeSignCertFingerprint so that it contains the SHA512 hash of your code signining certificate instead of IDRIX one.