I use Self Code sign Certificate and sign exe file using Windows SDK signtool.exe through PowerShell.
Exe file successfully signed. But for other systems This Sign Doesn't work. Because other system Doesn't have my Code Sign Certificate in form of pfx file.
So what I do For that:
I have two options : Through the help of python script which includes an exe file. that performs a pfx file install in Windows certificate Store at time of exe file run as administrator and i get Publisher Name. But how this thing is possible !!
Or Suggest Other ways to do this.
Simply I ask Self Sign Code Certificate run in all system.
Thank you.
Certificates are validated through trust certificate chain. The trust chain of the leading code signing providers are already present as a part of OS. Thus they don't require to distribute their certificates.
If at all, you want to use your own certificate (irrespective of which OS will trust it), you may create your own private CA (google for it) and then use your private CA certificate to sign your code signing certificate. You may distribute certificate of your private CA (certificate don't have private keys... contains only public keys...).
It's not good idea to distribute your pfx since it also contains private key and anybody can use the certificate which is again stealing your identity...
BTW, Certifying Authorities issuing code signing certificates, has some cost verifying your identity and that is the reason they are charging the amount (for some countries it becomes large amount though...!!)