I Have A Code Signing Certificate But My .EXE File Is Still Being Flagged As "Not commonly downloaded and could be dangerous.."

So I gained a code signing certificate from Comodo for an "Air" application. Do I need to gain one for a .exe file since that's what I'm publishing my application as, and not a .air file?

Thanks

that i don't know, but comodo is a certificate authority so you should contact them to see why your published file is not trusted.  that may just be a local setting you have for all downloaded files, but if it is, you should see the same warning no matter whose executable you download.

Ok, as when I download say a Dropbox.exe from Dropbox.com I do not get an error. Also, is there a way to check if my .exe has the certificate attached to it with some other software or website tool? I'd like to compare for example what Dropbox's .exe has for the details and what mine has to see what's missing or why it may not be trusted.

When I publish my file as a .air file, my Publisher name pops up and and it says it's valid/trusted. So it's a little confusing.

I think that the certificate is against the app id, not the file type. Even if it's EXE it would still have air.com.companyname.appname as the app id.

But I'm not positive about that.

Well I'm not even sure how to check if the EXE has the air.com.companyname...etc. applied. How do you check that?

I also noticed in the Details for my EXE, it doesn't show anyting for File description, version, Product name, etc. It's all blank. Is this normal? See image below:

actually, i don't think you can sign an exe from animate pro.  you can sign an air project from within animate, but to sign an exe you should use the signing authority's work-flow.

this is from digicert:

"To sign code, you must first purchase a code signing certificate and download a code signing ‘engine’ suitable for your operating system. Using the code signing engine, you select the code that you want to sign and sign it with your certificate token. The code is then signed and will contain a timestamp as well as your company’s information so that users know where the code is from and that it hasn’t been tampered with. With an EV certificate, this stamp will also let Microsoft’s SmartScreen filter know that the code is secure."

Ok, so I'm forced is using Adobe Animate to publish my programs in the .AIR format? But if my user's do not have Adobe air installed, is there an easy way to have them install the Adobe Air first and then my program?

I feel sure that you can have a signed EXE. Like kglad was saying, you should also ask for help from the certificate authority, comodo.

I checked with my certificate authority, and everything is fine on their end, and the certificate I downloaded is fine.

I downloaded a test .exe file that had not been signed, and was able to sign it just fine with SignTool which is recommended around the internet for signing files.

When I use SignTool to sign my .exe made with Adobe Animate, I get an error saying "0x800700C1" which is due to a badexeformat.

So I'm starting to see that the issue is with how Adobe Animate is creating a native installer (.exe). I've also seen articles on the internet stating that Adobe does not really sign the .exe file with your certificate, so you end up having to sign it twice. Once is done for the .air file built into the native installer, and the second time is with a tool like SignTool which will sign the .exe

I'm surprised no one else has ran into this yet?? Any thoughts?

I just discovered that this issue does not happen with Adobe Flash Professional CS6. So this tells me that something is wrong with Adobe Animate's method for creating .exe files. Whom do I contact to get this fixed?

This issue can easily be replicated by trying to sign a .exe file with Sign Tool on a PC that has created a native installer (.exe) with Adobe Animate, or on a PC that used Adobe Flash Professional CS6 to create the .exe file.

Feature Request/Bug Report Form