Skip to content

Commit

Permalink
Add paragraph on .bat signing
Browse files Browse the repository at this point in the history
  • Loading branch information
@maxbechtold
maxbechtold committed Jul 27, 2020
1 parent c0f87fa commit ffa350c
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ In order to consolidate the database, the tool prepares update scripts for you,

## Troubleshooting
Starting:
- to understand Windows SmartScreen Defender warnings for `timerecord.exe`, read [this](docs/unknown-publisher-warning.md)
- to understand Windows SmartScreen Defender warnings for *dirt-rally-time-recorder*, read [this](docs/unknown-publisher-warning.md)
- if you encounter an error message about sockets, understand that this tool cannot run in parallel, but only in a single instance at the same time
- unless you downloaded the bundled version, have a look at `resources/migrate.sql` to find instructions how to update to new releases
- if you encounter errors at start-up, see if renaming the file `dirtrally-laptimes.db` helps (which will create a new database)
Expand Down
5 changes: 4 additions & 1 deletion docs/unknown-publisher-warning.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,10 @@

When running this program from the pre-built .exe, Windows SmartScreen Defender might warn you about an unknown publisher or untrusted certificate. This is expected, as the executable is signed with the author's personal self-signed certificate. Properly signing with a root certificate trusted by Windows and other operating systems is costly and requires funding that this project does not have.

You should still check the `timerecord.exe` and verify it's actually original. To this end, it has been signed with a certificate that is described in the next section. To ensure your `timerecord.exe` has not been tampered with, open its certificate by viewing its properties through the context menu. Navigate to Digital Signatures, then Details, select View Certificate, then again Details.
You should still check the `timerecord.exe` and verify it's actually original. To this end, it has been signed with a certificate that is described in the next section. To ensure your `timerecord.exe` has not been tampered with, open its certificate by viewing its properties through the context menu. Navigate to Digital Signatures, then Details, select View Certificate, then again Details (cf. screenshots in German Locale).

> Note: The same warning might appear for the included .bat files. Although it is not possible to sign .bat files, you can right click on any in the installation folder and select Edit to see it contains only SQLite calls, i.e. interaction with the database.

![certificate-dialog](certificate-dialog.png)

Expand Down

0 comments on commit ffa350c

Please sign in to comment.