Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

Thawte/Verisign Software Download Certificate



12:41 am on Mar 26, 2009 (gmt 0)

5+ Year Member

Im considering purchasing the Thawte digital certificate (authenticode) for a downloadable game client application but we have a technical question we have been unable to find an answer to (even by speaking to Thawte themselves).

The basic issue is that we are eventually going to have affiliates who can refer traffic for revenue share.

The way it works is that when a user (who is referred by an affiliate) downloads the client, the server puts the affiliate ID into the game launcher (setup.exe).

So when a user then installs the client and then registers to become player, the client uses affiliate ID for the registration step (ie to ensure that the affiliate gets the credit for the referral).

Therefore, the server changes (or patches) the game launcher (setup.exe) with an affiliate ID.

My coder has told me that because of this we cannot sign the launcher because each time it is patched the certificate will become invalid.

Have any of you had this problem? Is this correct? If so, is there a way we can get around this problem?


6:56 pm on Mar 26, 2009 (gmt 0)

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member

That is almost correct. Unfortunately, there is not an area in the signature code that can be customised and then read back later. This would have been easy to implement but I guess nobody thought to do so.

Your only option is to sign one copy for each affiliate. When a new version is released, you'll either have to delete all the signed copies and arrange for new signed copies to be created on demand or you'll have to create a new set of signed copies.

The signing process is very quick unless you need to include a timestamp (recommended). In this case it may take a few seconds to connect to a timestamp server.

I would recommend creating new signed copies on demand if you running on a Windows server, but if you are running on something else this might be tricky.



Featured Threads

Hot Threads This Week

Hot Threads This Month