AxisWay Online Customer Service and Marketing System is an online customer service software developed based on .net core / WPF with the purpose of:Open, open source, share. Strive to create an excellent open source product for the .net community.
contexts
I developed this customer service system in my spare time, there is a problem that has always bothered me, 360 and a variety of domestic security housekeeper is very easy to report threats. Even if ESET, Kaspersky, Windows Defender, small red umbrella all normal, but 360, China's butler is stubborn to report threats. The user base of these domestic butler is very large, very irritating. Is it really necessary to pay protection fees?
After a long time of trying and testing, the problem has finally been alleviated to some extent (no guarantee yet that it won't be reported again, keep watching).
Digitally signing software
If the software is reported as a threat by 360 and domestic housekeepers, you can digitally sign it, that is, use a code signing certificate, and when users download the software, they will be able to verify the source of the software through the digital signature to confirm that the software and code have not been illegally tampered with or implanted with viruses, and to reduce the possibility of being misreported.
is a tool provided by Microsoft for digitally signing code and software files:
- Supports multiple file types signature: It can digitally sign common executable files (e.g. .exe, .dll, .ocx), Cabinet packages (.cab), and directory files (.cat), etc., to ensure the integrity of the files and the reliability of the source, and to prevent the files from being tampered with.
- Enhance software security and credibility: Through digital signatures, users can verify whether the software is from a legitimate developer and whether the software has been modified during transmission when they download and run the software, thus enhancing the security and credibility of the software, and reducing the users' worries about software from unknown sources.
- Provide timestamp service: you can add a timestamp in the signing process, even if the code signing certificate expires, as long as the software is signed within the validity period of the certificate, the timestamp service can still ensure that the software's signature will continue to be valid for a certain period of time, so that the user can still feel free to download and use it without the need for the developer to re-sign the software.
Generate digital signature certificates
Generate a certificate: You can use the New-SelfSignedCertificate command to generate a self-signed certificate, e.g.
New-SelfSignedCertificate -Type Custom -Subject "CN=YourCompanyName" -KeyUsage DigitalSignature -FriendlyName "YourFriendlyName" -CertStoreLocation "Cert:\CurrentUser\My" -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.3", "2.5.29.19={text}") -NotAfter (Get-Date).AddYears(10)
where CN is the subject name of the certificate, which can be modified according to the actual situation, this command will generate a self-signed certificate in the current user's certificate store.
Export Certificate: Use the Export-PfxCertificate command to export the certificate to pfx format, such as
Export-PfxCertificate -cert "Cert:\CurrentUser\My\YourCertificateThumbprint" -FilePath -Password (ConvertTo-SecureString -String "YourPassword" -Force -AsPlainText)
Note the substitution of YourCertificateThumbprint for the actual certificate fingerprint and YourPassword for the set password.
Signing with Signtool: Find the path to the tool, usually in C:\Program Files (x86)\Microsoft SDKs\ClickOnce\SignTool\, open a command prompt, enter the directory, and then execute the signing commands, such as
C:\Program Files (x86)\Microsoft SDKs\ClickOnce\SignTool\" sign /f /p YourPassword /t /v ""
Replace , YourPassword and with the actual certificate file, password and name of the software file to be signed.
Use Tools
To make a root certificate: at the command prompt, type
makecert -sv -ss mysubjectname -n CN=mycompany -r
where -sv specifies the name of the private key file, -ss specifies the name of the subject's certificate store, -n specifies the certificate issuer, -r specifies the location of the certificate store, and enter to set the password and remember .
To make a sub-certificate: enter
makecert -sv -iv -n CN=mycompany -$ commercial -ic
Also set and remember the password, the meaning of the parameters in this command is similar to that of the root certificate, except that -iv specifies the private key file of the root certificate and -$ specifies the authorization range.
Generate spc issuer certificates: optional operation, enter
cert2spc
Files can be generated in the appropriate directory.
Use Signcode Signature: Run , follow the wizard in order to select the file to be signed, the certificate type is "Custom", then select the sub-certificate and private key file from the file, and enter the appropriate password, you can also set the hash algorithm, other certificates, data description, and timestamps, and other options, and finally finish! Digital Signature.
caveat
Certificate security: the production and use of digital certificates, the need to properly store the private key files and passwords to prevent the theft or leakage of certificates, so as not to cause the software to be malicious signature or other security issues.
Fill in the description information accurately: when filling in the function description and web location, it must be accurate and point to the introduction page of this software on the website of the certificate signing organization, otherwise it may lead to the revocation of the certificate.
Introduction to this .net developed customer service system
It can run 24 hours a day, 7 × 24 hours a day, without dropping the line and losing messages, welcome to test.
/
Hopefully, it will be built:Open, open source, share. Strive to create an excellent open source product for the .net community.