Some users reported that warning, of course only using MS browsers (IE or Edge on Windows 10).
I discovered why. Technical details here http://aka.ms/sha1
Non-technical summary: MS decided to not trust an algorithm on a purely theoretical weakness (which I find a bit hilarious... we're signing games, not top secret software!!) and so marked as invalid all the installers I did.
Of course if you just use Chrome or Firefox (as I do) you won't see any message
But in practice it means I need to rebuild/resign/reinstall ALL the Windows installers! Of all my games... that might take a while
For now I'll wait, because I was planning to do that already but when Ren'Py reached the new stable release (since also fixes some other issues). In any case even if you see those warnings, my games works just fine and aren't a threat to the world security
"digital signature is corrupt or invalid" error
- jack1974
- Pack leader
- Posts: 15479
- Joined: Thu Jun 16, 2005 4:43 pm
-
- Elder Druid
- Posts: 957
- Joined: Fri May 06, 2011 2:23 am
Re: "digital signature is corrupt or invalid" error
Not-so-theoretical and even if it's just for games, opens up a potential malware vector. I think most browsers have moved up their sha1 deprecation date to mid-2016 from 2017, so you may want to resign your installers soon.jack1974 wrote: Non-technical summary: MS decided to not trust an algorithm on a purely theoretical weakness (which I find a bit hilarious... we're signing games, not top secret software!!) and so marked as invalid all the installers I did.
- jack1974
- Pack leader
- Posts: 15479
- Joined: Thu Jun 16, 2005 4:43 pm
Re: "digital signature is corrupt or invalid" error
I got the new certificate, the problem is that I also wanted to wait to have a new stable Ren'Py version before updating 15+ games
Honestly I see many other indies who don't even sign their installers (like Hanako for example, so famous ones), so... well, anyway since I paid for the certificate I'll use it, but might wait a few weeks hoping to see a new stable release of Ren'Py.
For PSCD of course no, since I already used the latest Ren'Py version. I risked a bit but I like to support the developer by testing the system myself directly with my users
Honestly I see many other indies who don't even sign their installers (like Hanako for example, so famous ones), so... well, anyway since I paid for the certificate I'll use it, but might wait a few weeks hoping to see a new stable release of Ren'Py.
For PSCD of course no, since I already used the latest Ren'Py version. I risked a bit but I like to support the developer by testing the system myself directly with my users