17 Replies Latest reply: Oct 12, 2011 9:19 AM by david_a_clark RSS

    Why does extension loader check extension's certificate during each loading?

    Anatoly Paraev


      We are having some problems with an expired code signing certificate.
      We sell a commercial extension which is signed with our code signing certificate. Recently our certificate expired, and we started to receive reports that our extension had stopped working in CS5.
      It looks like CS5 checks the extension's certificate not only during installation, but also at each loading.
      This behavior looks like a serious bug in Creative Suite extension loader since all certificates will expire sooner or later, and this means that all extensions are doomed to stop working at some point, unless they are timely updated.
      Why does CS5 check the certificate at each start up? This doesn't make sense at all, certificates are only used to check that the code is authentic during installation. An authentic extension cannot turn into malware after installation, so there is absolutely no point in checking the certificate after installation.
      Can someone from the CS SDK team comment on this issue? This turned into a major problem for us.
      Thank you in advance,
      Anatoly Paraev