I have created a self-signed certificate to sign my program. I noticed that importing the certificate using:
certutil.exe -addstore root "Tmp.crt"
Makes UAC warnings "more friendly" (showing the publisher name) without paying hundreds to Certificate Authorities.
My program is intended for a small group of people. Is it safe to create a prompt asking users if they want to install the certificate to the "Trusted Root Certification Authorities" store? Assuming they already trust the program enough to allow starting it with administrative permissions.
If they import and trust your self-signed certificate, they are explicitly asked to trust you.
If you use a code signing certificate from an "official" (= paid-for) certificate authority, they are not asked to trust you explicitly, but they trust your certificate implicitly through that certificate authority. They have never been asked if they trust that authority, because it's trusted by the operating system for them.
As a consequence, I can't see how asking to trust your self-signed certificate would be more unsafe than relying on someone else's decision to trust a certificate authority. The only downside is that the user might be disconcerted by being asked something they are not usually asked.
You can increase security by making your program check the certificate it's been signed with to make sure it's indeed the one you self-signed.
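A worked version of both steps, as an added example that is not from the question or the answer: a PowerShell launcher that asks for explicit consent before running the certutil import from the question, and then does the self-check the answer suggests by comparing the Authenticode signer's thumbprint with a value pinned in the script. Tmp.crt, MyProgram.exe and the thumbprint value are placeholders (assumed names, not from the page); the launcher is expected to run from an elevated prompt, as the question assumes.

```powershell
# Added example, not part of the original question or answer.
# Assumed: Tmp.crt and MyProgram.exe sit next to this script; the thumbprint
# below is a placeholder for the SHA-1 thumbprint of your own self-signed cert.
$PinnedThumbprint = '0123456789ABCDEF0123456789ABCDEF01234567'
$CertFile = Join-Path $PSScriptRoot 'Tmp.crt'
$Program  = Join-Path $PSScriptRoot 'MyProgram.exe'

function Test-CertFileMatchesPin {
    # Refuse to offer a .crt for import unless it is the certificate we expect;
    # otherwise a swapped file could get someone else's root trusted.
    param([string]$Path, [string]$Thumbprint)
    if (-not (Test-Path $Path)) { return $false }
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $Path
    return ($cert.Thumbprint -eq $Thumbprint)
}

function Install-TrustedRoot {
    # Explicit consent prompt, then the same command the question uses.
    param([string]$Path)
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $Path
    Write-Host "About to add '$($cert.Subject)' (thumbprint $($cert.Thumbprint))"
    Write-Host "to Trusted Root Certification Authorities for this machine."
    Write-Host "Anything signed with this certificate will then be trusted here."
    $answer = Read-Host 'Type YES to continue'
    if ($answer -ne 'YES') { return $false }
    & certutil.exe -addstore root $Path | Out-Null   # needs an elevated prompt
    return ($LASTEXITCODE -eq 0)
}

function Test-PinnedSigner {
    # The self-check from the answer: the file must carry an intact Authenticode
    # signature whose chain is trusted ('Valid') AND the signer must be our cert.
    param([string]$Path, [string]$Thumbprint)
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($null -eq $sig.SignerCertificate) { return $false }      # unsigned file
    if ($sig.Status -ne 'Valid') { return $false }               # tampered, or root not (yet) trusted
    return ($sig.SignerCertificate.Thumbprint -eq $Thumbprint)   # signed, but by someone else?
}

if (-not (Test-PinnedSigner -Path $Program -Thumbprint $PinnedThumbprint)) {
    if (-not (Test-CertFileMatchesPin -Path $CertFile -Thumbprint $PinnedThumbprint)) {
        throw "Refusing to import '$CertFile': it is not the expected certificate."
    }
    if (-not (Install-TrustedRoot -Path $CertFile)) {
        throw 'Certificate was not installed; not starting the program.'
    }
    if (-not (Test-PinnedSigner -Path $Program -Thumbprint $PinnedThumbprint)) {
        throw 'Signature check still fails after import; the binary may have been altered.'
    }
}
Write-Host "Signer verified ($PinnedThumbprint); starting $Program"
Start-Process -FilePath $Program
```

Two caveats worth keeping in mind. The pinned thumbprint only helps if the code holding it is itself covered by the signature the user trusts; whoever can replace the binary can replace the pin too, which is why the check above also refuses to import a .crt that does not match the pin. And importing into the machine-wide root store (`root` in certutil, `Cert:\LocalMachine\Root`) silently trusts the certificate for every user of the machine, whereas importing into the current user's root store makes Windows show its own "claiming to represent" confirmation dialog, which may be the more honest default for a small, consenting group.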