Skip to content

DLL Signature

emoose edited this page Apr 12, 2023 · 10 revisions

Certificate thumbprint: 2f716ed985cbaa6221b4f8bd821cb1c2844b1831


DLSSTweaks 0.200.5 and newer are now signed with a self-signed certificate, you can check this signature in file Properties > Digital Signatures.

However as this is self-signed, Windows will give a warning in that dialog about the certificate not being trusted, this isn't too much to worry about though since the DLL should still load into your games fine.

If you see the text "This digital signature is not valid", or if the "Digital Signatures" tab doesn't appear, that is cause for concern, and you should delete that file and redownload it from another source.

One main issue is that being self-signed, it would be very easy for someone else to create their own identical self-signed certificate under the same name and then sign it themselves...
You can confirm if the certificate is genuine by checking the thumbprint of it, just go to DLL Properties > Digital Signatures > Click github.com/emoose > Details > View Certificate > Details > Thumbprint, then compare that with the thumbprint listed above.

Not everyone is going to bother with all that though, so to be extra safe hashes of each release are now provided on the github release page.
(a tool like the excellent OpenHashTab or command-line tools like sha256sum can calculate the hash for you pretty easily)
You can use the listed hashes to help make sure the file you downloaded is genuine.

In future I'd like to get hold of a proper code-signing certificate, but the pricing for those is pretty out of my reach right now.
If any holder of a code-signing cert is willing to sign my DLLs for me I'd be very thankful (if desired you can build it yourself to be sure there's no malware etc), please contact me at abc (at) cock (dot) li.

Clone this wiki locally