Paul Robertson's words, punctuated

Thoughts on development, user-centered design, code, etc. by Paul Robertson

Survey: Is a ChosenSecurity certificate trusted on your machine?

Please take the following “survey” to see if a ChosenSecurity code-signing certificate is trusted on your machine.

(If you’re curious, you can read the background details below.)

Here’s how you can help:

  1. Download the .air file for the test application (339 KB)
  2. Double-click the .air file to install it (you’ll need to have Adobe AIR installed already, of course).
  3. When the installer gets to the warning dialog, check to see if the certificate is trusted or not. If the certificate is trusted, the dialog will look like this (the circled areas are the specific things to check for):

    You can cancel the installation once you’ve seen the dialog – it’s just a super-plain “hello world” application anyway.

  4. Leave a comment with your results! If the certificate is trusted (if it looks like the image) leave a “Yes” comment. If the certificate isn’t trusted, say “No” in your comment. In either case, you get bonus points if you add what kind of computer (manufacturer and model name) you tested, what operating system (including version number and language) you’re running, and where (country/city) you live.
  5. Repeat the test on other computers you may have access to (parents, friends, roommates, etc.). Spread the word and ask your developer friends to test it out also! I’d like to get a good cross-section of machines, not just developer machines in the United States running the latest OS X or Windows.

Once again, here’s the link to leave a comment with your results.


I got a code-signing certificate from ChosenSecurity. Since they’re not a “big name” Certificate Authority like Verisign, I was worried that the certificate might not be trusted on as many machines. (If on a given machine a chain of trust can’t be established for a certificate you get the “unknown publisher” dialog when you’re installing AIR apps signed with that cert, regardless of whether the certificate is self-signed or not.)

However, since I was getting my code-signing certificate for free, I decided to give it a try and be the “guinea pig” for other developers who might be considering a ChosenSecurity certificate. (The advantages of the ChosenSecurity cert are that it costs less and you don’t have to have a backing company – you can get the certificate as an individual.)

Thanks very much for participating. Remember, this isn’t just for me – this is for all AIR developers who are wanting to get a code-signing certificate for less, but are concerned that the certificate might not be trusted on every machine where they’d like their apps to run.