Re: [Vm-dev] Sign Windows VMs

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Re: [Vm-dev] Sign Windows VMs

On Tue, May 15, 2018, 10:00 Fabio Niephaus <[hidden email]> wrote:
Hi Vincent,

On Tue, May 15, 2018 at 1:15 AM <[hidden email]> wrote:



I am using Pharo in a company network under a firewall, an antivirus, and windows, and each day I have an issue with some parts of the Pharo application that are recognized as a threat.  So, I cannot download it or execute it straightforwardly.


Today was this one:



Another day was the Cairo Dll where a “Veil Evasion Payload” has been detected.

I agree, this is bad.


And some people has encounter the same kind of issues:


It seems that the solution is to sign the VM with Authenticode, but for this, one needs to acquire a certificate (which is, of course, not free).

Has the community such a certificate? Maybe the same that for MacOS?

No, we don't have such a certificate yet and we can't use the certificate from Apple because it can only be used for macOS VMs unfortunately.

Would someone configure the VM builds to automatically sign them? (I can spend some time for this if needed)

Of course, but first we need a certificate I'm afraid.








image003.png (40K) Download Attachment