Windows Installer Verification

Introduction

All KiCad Windows installers have a digital signature attached. This signature comes from a code signing certificate issued by a trusted root certificate authority that is bundled by Microsoft in Windows.

Verification Steps

  1. Begin by downloading the KiCad installer of choice.

  2. Browse to the file in File Explorer.

  3. Right click on the file and Open Properties

    Right click menu for file properties

  4. Now click the Digital Signatures tab

    Digital Signatures tab of file properties modal

  5. Select the only signature that should be present. If there is no signature at all, this installer is invalid. Click details on the signature

    Details button for a digital signature

  6. Observe the General tab that will appear. The exact text "This digital signature is OK" must be present. The signer Name should also match the one described on the downloads page.

    Details button for a digital signature

  7. Click the Advanced tab. The installer and signature are only valid if the Issuer and Serial Number match the one described on the downloads page.

    Details button for a digital signature

Summary

A installer can be concluded as safe and intact only if the following criteria are met:

  • Digital signature must be present

  • Digital signature must report "This digital signature is OK"

  • Issuer of the digital signature must be as described on the downloads page

  • Serial Number of the digital signature must be as described on the downloads page

  • (Signer) Name of the digital signature must be as described on the downloads page