Enabling Code Signing

 

By default executables downloaded from ISL Conference Proxy (e.g. ISL Light Desk, ISL Light Client etc.) are digitally signed using our special code signing certificate (name of signer ISL Online Ltd.). This means that they should not trigger any warnings/errors (such as Microsoft SmartScreen Filter download warnings) that could be caused by unsigned executables or executables signed by code signing certificates that are no longer trusted (e.g. SHA-1).

The code signing certificate gets renewed by ISL Online regularly (every few years) and in order to get the updated certificate, you will need valid ESS and a freshly generated licence file.

Important: This applies to all customers with valid ESS who have created their licence file after 2015-04-16.

Important: Please make sure your licence file and ISL Conference Proxy are up to date. You should create a new packet every time you extend your ESS so that the resulting licence file includes the latest code signing specifications and your actual ESS date, allowing you to update your server to the latest released versions at any moment. In case you purchased ESS for a few years, it might be needed to create a new licence even before your ESS is near the expiration date, so that you get the latest codesign certificate.

Important dates and sample scenarios:

  • 2013-09-09 (This is when we introduced the embedded code signing functionality using SHA-1.)
  • 2015-04-16 (This is when we introduced the dual sign functionality, meaning that the executables are signed with SHA-1 and SHA-2, for maximum compatibility.)

If you have created your current licence before 2013-09-09, then your ISL Conference Proxy is serving unsigned  executables (unless you are using a valid custom code signing certificate).

If you have created your current licence between 2013-09-09 and 2015-04-16, then your ISL Conference Proxy is serving executables signed with a SHA-1 certificate only. Such a code sign certificate is no longer trusted by Microsoft since 2016-01-01.

In both cases you should create a new packet, apply the resulting licence to your server and fully update it. Please check the following blog post for more information.

Important: If you do not have valid ESS when creating a packet, the resulting licence will not include the code signing functionality! In that case please extend it (direct link to ESS extension in our online shop) first, then proceed to create a new packet.

If your company has registered for a server licence trial and would like to test the code signing functionality before purchasing, please contact us at support@islonline.com.

If you are an advanced user and wish to use your own code signing certificate instead, please check the following topic: Using a custom code signing certificate

In case of problems or additional questions regarding code signing please contact us via e-mail (support@islonline.com) or come to our live chat (at http://www.islonline.com/) and we will be glad to help.

Tags: isl conference proxy, code signing

Was this article helpful?