Strawberry Perl invalid MSI signatures

Unfortunately I have managed to release strawberry-perl- and strawberry-perl- files with wrong MSI signature. The installer will very likely complain about revoked certificate (although I do not know why my laptop have not complained when I tested these MSI).

I am sorry for any inconvenience this might caused you.

The trouble is that although I have sent scanned copy of my passport to Certum CA approx. a year ago they claim that they do not have it. Unfortunately the reminder they sent me was probably "swallowed" by's spam filter and they simply revoked my certificate. I have submitted a new request for code signing certificate, unfortunately's spam filter struck again and block an e-mail with verification URL I have to click on.

I am tired of dealing with Certum CA and I am fed up with's spam filter, therefore I am considering to stop signing MSI packages.


What a pain. It sounds very frustrating but please don't stop signing the packages.

Thanks for all you do on Strawberry Perl!

You can use StartSSL code signing certificate for $59.90.

Quite frankly anyone asking for a scanned copy of an identification document is an idiot: you can not verify the authenticity using a copy. Even a crappy forge is likely to be accepted. Sending it by non-encrypted email doesn't make it better.

Leave a comment

About kmx

user-pic I blog about Perl.