I am using Windows 10 IOT Core with raspberry pi. Now as I am finishing the development, I would like to box everything up and distribute to some customers. To make a Retail Build, I need to have a code signing certificate. I would like to know how it would be if I distribute the Test Build instead of the Retail Build? I do not need to send any updates to my customers.
The purchased code signing certificate is valid for a limited period. Will my software expire after that time if I do not renew this certificate? And even if it is renewed, my customers wont be using internet, so will it cause a problem?
Test images includes tools for quickly accessing and modifying devices.It is great for:
Retail images can be made more secure for public or corporate networks while still receiving updates. So it is recommended to build retail image for product.
On August 1, 2019, Microsoft announced the Microsoft Trusted Root Program is ending support for cross-signed root certificates with kernel-mode signing capabilities. In 2021, most of the cross-signed certificates expire. When the cross certs expire, new certificates cannot be issued. Microsoft is working to provide an alternate retail signing mechanism and we target to provide them early next year. Please wait with patience. If you already has a code-signing certificate and use it build a retail image, please don't worry the impact of the expiration, there will be no impact to the running systems as the certs were valid when they were signed (timestamped). It only blocks ability to sign and publish new versions of the driver updates.