Docker image to sign an executable using osslsigncode.
docker run -v ${PWD}/work/:/work/ likesistemas/exe-sign:latest
CERT_FILE: Certificate file that should be in the /work/ folder. Default: certificate.pfx
CERT_PASSWORD: Certificate password. Default: 123456
EXE_FILE: Executable to be signed. Default: app.exe
EXE_SIGNED: Final signed file name. Default: app_signed.exe
Certificate (Taken from the Source)
The first thing you have to do is get the certificate and install it on your computer, you can either buy one from a Certificate Authority or generate one using makecert.
Here are the pros and cons of the 2 options
Using a certificate issued by a CA(Certificate Authority) will ensure that Windows will not warn the end user about an application from an "unknown publisher" on any Computer using the certificate from the CA (OS normally comes with the root certificates from manny CA's)
There is a cost involved on getting a certificate from a CA
For prices, see Cheapssl and Digicert
The steps are easy and you can share the certificate with the end users
End users will have to manually install the certificate on their machines and depending on your clients that might not be an option Certificates generated with makecert are normally used for development and testing, not production.