Signing a Windows application as a (financially limited, Swiss) individual developer
16:05 19 Apr 2026

Without any previous experience whatsoever, I recently found myself needing to ship my first application for Windows. Compiling was not too big of an issue, the application now works as expected. What I need help with is navigating SmartScreen.

Having always developed software for Mac, the behavior was familiar: in order for some application to ship without warnings, one needs to authenticate it with their own signature, plus some certificate / notarization to attest that it is to be trusted.

Now, with Apple, I feel the procedure is unique and clearly defined: sign up to Apple developer, pay ~100 bucks, get your certificate, send your application for a check to Apple, get it notarized, staple everything, done.

Despite a couple of weeks of effort, I have not managed to identify which procedure one needs to take with Microsoft:

  • SSL providers also sometimes sell Organization Validation (OV) or Extended Validation (EV) certificates. Now, to the best of my understanding, these apply only to companies, and I do not have one. Also, the cost seems to be in the many hundreds of dollars, which I simply cannot afford just to ship a simple app that is not going to make me any money.

  • I seem to understand that there are also Individual Validation (IV) certificates, but they also seem to be extremely expensive (many hundreds of dollars) and seem to require physical hardware for signing, which needs to physically be shipped to you.

  • I got my hopes up when I found out about Azure Artifact Signing Accounts. After nearly one full day on the phone with Microsoft's technical support, I signed up for an Azure account, opened an Artifact Signing Account, tried to create a (Public Individual Certificate? I forgot the name, it was something like this) only to find out that those are only available to individual developers in the US or Canada.

I tried Googling, I tried ChatGPTing, but I am stuck and confused. My constraints are:

  • I am a European citizen living in Switzerland.

  • I am an individual developer.

  • My financial resources are limited. I can scrape together one hundred bucks, but not many hundreds.

Given these constraints, I would like to have a simple application I made somehow run on Windows without being flagged as malware by SmartScreen. Is it at all possible? My common sense says yes, but I cannot find an authoritative answer as to what one needs to do.

windows code-signing smartscreen