Today I ran some tests because customers have reported some odd problems. I updated a Windows 10 computer to all the latest updates and finally got to see what the customer reported. https://s3.amazonaws.com/uploads.hipchat.com/15697/60882/WN2lcXUa8zdne6o/cor ruptsignature1.png

"Windows protected your PC Windows SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk."

Clicking on the more info link allows a customer to run the exe anyway.

It also appears this only happens with a SHA-1 certificate signed exe, which was signed after 1/1/2016 that was downloaded from the internet.

The customer can "Unblock" the file, and this problem goes away.

If you support Windows XP, Vista, or Server 2008 (not R2) you won't see this problem. You will see this problem on newer OS's.

If you only sign your EXE with the SHA-2 certificate, it will not work on Windows XP SP3, Vista, and Server 2008 (according to Microsoft). I still need to get the SHA-2 certificate.

According to this site: http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enf orcement-of-authenticode-code-signing-and-timestamping.aspx the exe can be dual signed. I don't know if this process will break the VFP executables.

If you are looking for code signing, here's a really good deal. http://codesigning.ksoftware.net/