Google and Mozilla vs Symantec: Certificate Wars

Starting from January 2018, Ablebits will use a new code signing certificate.

Before publishing the upcoming updates of our products, I want to inform our users about possible issues they may encounter when installing the updates. But these issues are not consequences of our flaws. Here is a short story...

For many years we've been using a code signing certificate from Symantec to preserve the integrity of our products, and for you to be sure that yet another setup.exe has been compiled and published by us. And we were very pleased with the fact that our certificate had become trusted for millions of individual users and companies around the world. However, in 2016, Mozilla and then Google decided they would no longer trust the certificate issuing procedure practiced by Symantec. As the result, beginning with 2018, all certificates issued by Symantec will become untrusted.

You can find more details by following these links:

Currently, it concerns the certificates that confirm the authenticity of web-sites and are used for safe connections with them (ssl-certificates). But we were alerted by this situation, kept an eye on its development and decided to change our code signing certificate, so that one day we would not find ourselves in a situation where our users simply would not be able to run our products. That is why, starting with January 2018, we will be signing all our products with a different certificate. And this will cause one side effect.

Windows protected your PC

This is the message you will most likely get after you have downloaded our product and are trying to install it:

Windows protected your PC

Please don't be scared, everything is Okay. Simply click the More Info link, and you will see this:

Click the Run Anyway button

And then, hit Run Anyway.

How to check that the certificate is valid

We publish our distributables in zip files. Please do not open a zip file directly in Windows Explorer. Instead, right click it, and select Extract All... from the context menu. Then, switch to the Digital Signature tab of setup.exe Properties, select either signature, and click Details:

Digital Signature details

Now, click the View Certificate button:

View Certificate

And you will see the general information about the certificate:
General information about the certificate

On the Certification Path tab, select 4Bits Ltd. certificate:

4Bits Ltd. Certificate

And make sure that the cert is valid.

New cert and antiviruses

Also, some antivirus software may not allow running our setup.exe (or msi) because our new certificate is not familiar to them. If your antivirus has blocked our product, please contact our support service and they will promptly help you.

That's all. Sorry for this!

If you have any questions or concerns, please don't hesitate to contact our support team or post your questions in comments to this post. We thank you for your support and understanding!

Post a comment

Thank you for your comment! When posting a question, please be very clear and concise. This will help us provide a quick and relevant solution to your query. We cannot guarantee that we will answer every question, but we'll do our best :)