|Im considering purchasing the Thawte digital certificate (authenticode) for a downloadable game client application but we have a technical question we have been unable to find an answer to (even by speaking to Thawte themselves).|
The basic issue is that we are eventually going to have affiliates who can refer traffic for revenue share.
The way it works is that when a user (who is referred by an affiliate) downloads the client, the server puts the affiliate ID into the game launcher (setup.exe).
So when a user then installs the client and then registers to become player, the client uses affiliate ID for the registration step (ie to ensure that the affiliate gets the credit for the referral).
Therefore, the server changes (or patches) the game launcher (setup.exe) with an affiliate ID.
My coder has told me that because of this we cannot sign the launcher because each time it is patched the certificate will become invalid.
Have any of you had this problem? Is this correct? If so, is there a way we can get around this problem?