Signing a Windows app
Code signing is a security technology that you use to certify that an app was created by you.
On Windows, apps are signed using Sign Tool, which is included in Visual Studio. Install Visual Studio to get the signing utility (the free Community Edition is enough).
You can get a Windows Authenticode code signing certificate from many vendors. Prices vary, so it may be worth your time to shop around. Popular vendors include:
Keep your certificate password private
Your certificate password should be a secret. Do not share it publicly or commit it to your source code.
On Windows, Electron apps are signed on the installer level at the Make step.
Once you have a Personal Information Exchange (
.pfx
) file for your certificate, you can sign Squirrel.Windows and MSI installers in Electron Forge with the certificateFile
and certificatePassword
fields in their respective configuration objects.For example, if you are creating a Squirrel.Windows installer:
forge.config.js
module.exports = {
packagerConfig: {},
makers: [
{
name: '@electron-forge/maker-squirrel',
config: {
certificateFile: './cert.pfx',
certificatePassword: process.env.CERTIFICATE_PASSWORD
}
}
]
}
Last modified 4d ago