Picard 1.4: Unknown publisher warning (on Windows 10)

Tags: #<Tag:0x00007f050973d768> #<Tag:0x00007f050973d628> #<Tag:0x00007f050973d4e8> #<Tag:0x00007f050973d3a8> #<Tag:0x00007f050973d150>


I’ve just downloaded the new Picard 1.4 for Windows and I get the following warning while trying to install it on Windows 10 Pro… I’m not sure if it’s something our devs can have a look at ? Not really a bug I guess but it could deter some people about using/installing it.


I had a similar issue on my Mac when I tried to install Picard a while back. It’s because the application is unsigned. I asked about it on IRC and I was told it was deliberate. (My memory is a tad hazy; please correct me if I’m wrong.)


That’s correct, both Windows and Mac versions are unsigned. Somebody from MB would have to buy a certificate and sign them if you want those warnings to go away. The certificate costs about $200/year. Even if someone bought the certificate, I’m not sure I’d be able to set it up on the build machines that are used for building Picard, because they run ancient versions of Windows XP and Mac OS X 10.7 and I’m not sure if the signing tools support such old systems.


There are a number of bugs filed for this issue across several products:



so basically the windows and mac warnings are corporate bullshit to make more money?
real pity.
but at least I know that now when installing stuff.
might be a good idea to mention this on the picard download site; “ie don’t worry about any warnings mac/windows might give you about installing this, it’s because picard is unsigned (and then write a few lines about why we chose to not sign it)”


[quote=“CatQuest, post:5, topic:212197”]so basically the windows and mac warnings are corporate bullshit to make more money?[/quote]Not only to make more money.
An installer with a valid certificate also ensures that you have the original unmodified installer version from the original issuer. There is no unwanted modification from any obscure 3rd party download portal.


A word of advise if you decide to go down the certificate route (which I think would be a good investment for MusicBrainz), buy a 5 year certificate rather than one or two year one. I had a two year one, it recently ran out so I bought a new one from the same company with the same details but Microsoft does not recognise the new certificate straight away even though the details are the same there is a delay of a number of days.