Strawberry Perl 5.20.1.1 invalid MSI signatures
Unfortunately I have managed to release strawberry-perl-5.20.1.1-32bit.msi and strawberry-perl-5.20.1.1-64bit.msi files with wrong MSI signature. The installer will very likely complain about revoked certificate (although I do not know why my laptop have not complained when I tested these MSI).
I am sorry for any inconvenience this might caused you.
The trouble is that although I have sent scanned copy of my passport to Certum CA approx. a year ago they claim that they do not have it. Unfortunately the reminder they sent me was probably "swallowed" by cpan.org's spam filter and they simply revoked my certificate. I have submitted a new request for code signing certificate, unfortunately cpan.org's spam filter struck again and block an e-mail with verification URL I have to click on.
I am tired of dealing with Certum CA and I am fed up with cpan.org's spam filter, therefore I am considering to stop signing MSI packages.
I blog about Perl.
What a pain. It sounds very frustrating but please don't stop signing the packages.
Thanks for all you do on Strawberry Perl!
You can use StartSSL code signing certificate for $59.90.
First of all I should probably stop using my @cpan.org e-mail address for any serious purposes. As for the price Certum CA's code signing certificate is free for open source developers.
Quite frankly anyone asking for a scanned copy of an identification document is an idiot: you can not verify the authenticity using a copy. Even a crappy forge is likely to be accepted. Sending it by non-encrypted email doesn't make it better.