Why “Unknown Publisher Security Warning” Appears
The “Unknown Publisher” security warning in Windows 10 appears when you try to install or run an application that a trusted publisher does not digitally sign. This warning is there to protect your System from potentially malicious software from unknown sources. However, sometimes, you may encounter this warning, even for legitimate apps. In this article, we will discuss various methods to fix the Unknown Publisher error and install apps without compromising security.
Understanding Digital Signatures and Certificates
First, it’s important to understand digital signatures and digital certificates to understand why you get the Unknown Publisher warning.
A digital signature is used to verify the identity of the software publisher and guarantee that the code has not been tampered with. Certificates are issued by trusted third-party Certificate Authorities (CA) like DigiCert, Sectigo, etc., to software publishers after their identity is validated.
The certificate contains details about the publisher and a public key and is digitally signed by the CA. When you install a digitally signed app, Windows uses the CA’s public key to verify the signature, validate the publisher’s identity, and confirm the integrity of the code.
If Windows cannot verify the digital signature of an app because there is no certificate from a trusted publisher, you get the Unknown Publisher warning. This prevents malicious or tampered software from harming your device.
Steps for Fixing Unknown Publisher Security Warning
Here are various methods to deal with the Unknown Publisher warning on Windows 10:
- Install Only Apps from Trusted Sources
- Unblock the Publisher
- Bypass Warning Using Command Line
- Disable SmartScreen Filter
- Add Publisher Cert to Trusted Publishers
- Create a Catalog File for the App
1. Install Only Apps from Trusted Sources
The simplest method is to install applications only from the official websites of reputed publishers and the Windows Store. These applications will always be digitally signed and will not show any warnings.
Avoid downloading installers from unofficial third-party websites. They are more likely to be tampered with and show a warning.
2. Unblock the Publisher
If you trust the publisher of the app, you can unblock and allow installation as follows:
- Right-click on the installer exe or app package and go to Properties.
- In the General tab, click on the Unblock button at the bottom.
- Click Apply and then run the installer. The warning should no longer appear.
This unblocks the app and adds the publisher to the trusted list so that you won’t get warnings again on subsequent upgrades.
3. Bypass Warning Using Command Line
For advanced users, you can bypass the warning completely by running the installer using the following command:
rundll32.exe url.dll,FileProtocolHandler <path-to-installer>
Replace <path-to-installer> with the actual installer exe path. This will launch the installer directly without the warning prompt.
4. Disable SmartScreen Filter
The SmartScreen filter in Windows 10 provides the Unknown Publisher warning. You can turn it off entirely to bypass the warning as follows:
- Open Start and search for “App & browser control.“
- Click on “Exploit protection settings“.
- Under “Program settings,” scroll down and turn off “Check for publisher’s certificate revocation.“
This will completely turn off the certificate checks. However, it is not recommended for security reasons. Only use it if you fully trust the app.
5. Add Publisher Cert to Trusted Publishers
If the app shows a valid certificate but the publisher is not trusted, you can manually add it to the trusted list:
- Double-click on the installer exe and go to the Digital Signatures tab.
- Click on the certificate and then click View Certificate.
- In the Certification Path tab, select the top-level CA certificate.
- Click Install Certificate and store it under Trusted Root Certification Authorities.
- Re-run the installer. The warning should no longer appear.
This method adds the publisher’s CA to the trusted list. It requires modifying the certificate store, so only use it if you are sure of the app’s legitimacy.
6. Create a Catalog File for the App
You can create your catalog file for unsigned apps, which will allow Windows to trust it without warnings:
- Download the SignTool utility
- Create a publisher certificate using SignTool
- Run the following command to generate a catalog file:
SignTool sign /a /v /s MY /n "My Publisher Name" /t http://timestamp.verisign.com/scripts/timstamp.dll PathToInstaller.exe
- In the above command, replace MY with your publisher certificate and name.
- Install the generated catalog file when prompted after running the command.
- Run the installer exe. It should now launch without warning.
This method uses your test certificate to sign the app manually. It is more complex but allows for the installation of custom line-of-business apps.
Tips for Staying Safe
When dealing with Unknown Publisher warnings, here are some tips to keep your system safe:
- Pay attention to the warning for apps/files from internet sources or removable media.
- Only unblock apps from trusted publishers that you have directly downloaded from official sites.
- Scan installers with your antivirus software before allowing them to run.
- As a precaution, create System Restore points before installing blocked apps.
- Avoid tools that turn off permanent security features like SmartScreen.
- Keep your System and apps up to date to get the latest security fixes.
Final Thoughts
The Unknown Publisher warning in Windows 10 is important to prevent malicious apps from harming your device. However, it may also block legitimate apps.
In this article, we examined various methods, such as unblocking the publisher, creating catalog files, disabling SmartScreen, and managing certificates to bypass the warning. The right approach depends on where the app is from and your trust level.
Carefully evaluating blocked apps and making selective exceptions using the methods outlined above allows you to install required third-party software without entirely turning off system security. This helps strike the right balance between usability and safety when dealing with Unsigned app errors.
Frequently Asked Questions
Is the Unknown Publisher warning harmful?
No, the Unknown Publisher warning protects your System by alerting you about unsigned apps that could be malicious. You should not ignore it when downloading from the Internet.
Will unblocking a publisher work for all apps from them?
Yes, unblocking adds the publisher to the trusted list. Any future apps from them will run without warnings.
When should I turn off the SmartScreen filter?
Only temporarily disable SmartScreen as a last resort if you fully trust the app and the other methods don’t work. Then, turn it back on immediately.
How can I create a certificate to sign my apps?
To create test certificates, you can use Microsoft’s Certificate Creation Tool or SignTool utilities, as well as third-party tools like OpenSSL.
Can I delete a publisher from the trusted list if I no longer trust them?
Yes, you can manage the trusted publisher list using the Certmgr.msc utility. To remove a certificate, right-click on it and choose Delete.
Priya Mervana
Verified Web Security Experts
Priya Mervana is working at SSLInsights.com as a web security expert with over 10 years of experience writing about encryption, SSL certificates, and online privacy. She aims to make complex security topics easily understandable for everyday internet users.
