CefSharp.BrowserSubprocess signature

[fabmoll]

Hello all,

More and more of our customers receive a trigger by AV (maybe a false positive) about this process.
And they need to add a special rules for application not signed.

I couldn't find a answer to my question and I wanted to ask you if there is a specific reason why the process isn't signed?

I just found this post: #779

Thank you all.

[amaitland]

Firstly, for applications being distributed to external clients it's recommended to self host the browser subprocess (use your own executable instead of the one shipped with the nuget package).

https://github.com/cefsharp/CefSharp/wiki/SelfHost-BrowserSubProcess

is a specific reason why the process isn't signed?

It's a non-trivial process with a cost involved. That's hard to justify for an open source project.

Who's paying? Who's contributing the time to implement signing?

CEF doesn't provide signed binaries. Application distributors (e.g. you, or whomever created the application that you're using) should sign all binaries that are being distributed as part of the application.

CEF doesn't provide signed binaries either. The advice I've seen is to sign all binaries distributed with your application.

• Signing the assembly for Windows platforms chromiumembedded/cef#3718 (comment)
• https://stackoverflow.com/a/29245711/4583726

Personally I've not tried this, so do your own research before taking this course of action.