Windows Defender SmartScreen

Hi,

some users complained, that Windows Defender SmartScreen prevents the seafile client app to be installed, because the binary is not signed and therefore a risk. Of course, one can ignore the warning and continue the installation. Any opinions on that?

Regards,
Dirk

Both Seafile Client and SeaDrive are signed.

Seafile

This is what I get when I try to install the client on a Windows 10 machine.

On the Details tab I find:

Signature verification
File is not signed

although is says “signed” in the header. Hmmm, …

Ah, in the header is also a tag “invalid-signature”. That might be an explanation.

I also get this message.

The certificate of the timestamping server expired at the end of mai.

@daniel.pan @Jonathan

We’ll look into the issue.

1 Like

That’s because the package is broken. We have made a new package and updated the download link. Please try again.

Great, it works now. :+1:

Now, it also displays “invalid-signature”. Not sure whether that one was added in the meantime, or I just missed it.

For the new version the signature is valid, again. It would have been more transparent to just release it as 7.0.9, though.

Compared with older versions the timestamp is using sha-384 instead of sha1 which also is a significant improvement.

The current code signing certificate of Seafile Ltd. is valid till 03/18/2021 and the timestamp servers certificate until 08/01/2030.

It was simply a packaging issue. The package was somehow damaged. The certificates are all valid.

No, the timestamping server certificate was invalid at the time the first 7.0.8 version was released.