Gpup signature

[ronmanp]

This is more of a feature request and not really an issue per say.
But gpup.exe is not digitally signed which makes UAC warn you that this application is untrusted so it would be great to sign it for security reasons.

Happens on all prompts from Gpup so it's all the time you either update or install/uninstall a plugin.
Happens on all builds but currently I'm using these versions:

• Notepad++ v7.5.4 x86
• Plugin Manager 1.4.9.0

Thank you!

[chcg]

Regarding code signing, see:
https://technet.microsoft.com/en-us/library/2008.04.powershell.aspx
https://en.wikipedia.org/wiki/Code_signing
https://msdn.microsoft.com/en-us/library/ms995347.aspx
https://www.excelsiorjet.com/kb/34/howto-digitally-sign-executables-and-installers-produced-by-excelsior-jet

@bruderstein Do you have a certificate for code signing?

[jakevis]

+1 would be great to have this fixed

[nitzanms]

+1 critical for security

[Eagle3386]

Much less important since N++ brings its own plugin manager nowadays - which, BTW, is already signed..

[chcg]

@Eagle3386 Yes it was, but see https://notepad-plus-plus.org/news/notepad-7.6.4-released.html.

3 years ago DigiCert donated a 3 years code signing certificate to the project, and every good thing has its end, the certificate has been expired since the beginning of this year.

[Eagle3386]

@chcg Yeah, read it just around noon today. But then the whole point becomes obsolete anyway as there's no sense in a signed plugin manager if its host program isn't signed, too.

[SuperSandro2000]

We need LetsEncrypt for exe signing.

[Eagle3386]

LE does not offer certs with code signing support.

[SuperSandro2000]

Yeah I know. I meant to say that they should add something to their service

[Eagle3386]

Got it. LE stated (states?) that they will only serve for HTTPS, no ambitions or even plans for code signing.. 😥