Community
    • Login

    Notepad++ v8.8.3 Release Candidate

    Scheduled Pinned Locked Moved Announcements
    29 Posts 7 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • donhoD
      donho @donho
      last edited by donho

      While writing the release notes, I realized the both certificates (root certificate & code signing certificate) of RC4 have the same information while displaying:

      Issued to: Notepad++
Issued by: Notepad++
Valid from 7/7/2025 to XXXXX

      Only the the valid dates (to XXXXX) are different.

      To avoid users’ confusion, I did a new root certificate and a new code signing certificate and signed the release again:
      http://download.notepad-plus-plus.org/repository/8.x/8.8.3.RC5/

      xomxX 1 Reply Last reply Reply Quote 0
      • xomxX
        xomx @donho
        last edited by xomx

        @donho said in Notepad++ v8.8.3 Release Candidate:

        Only the the valid dates (to XXXXX) are different.

        To avoid users’ confusion, I did a new root certificate and a new code signing certificate and signed the release again:

        ?, the shown “to XXXXX” remains different as before:

        last root-cert: Valid from 7/9/2025 to 7/9/2055
        cert in signed RC5 binary: Valid from 7/9/2025 to 7/9/2028

        Root-certs usually have longer expiration date, I don’t see a problem with it.

        donhoD 1 Reply Last reply Reply Quote 0
        • donhoD
          donho @xomx
          last edited by donho

          @xomx said in Notepad++ v8.8.3 Release Candidate:

          Root-certs usually have longer expiration date, I don’t see a problem with it.

          The point is on “Issued to” & “Issued by”: the information should be difference between 2 certificates.
          It’s more clear in RC5 for users:

          Root certificate: (Self-signed root certificate)

          8ce32d0b-b12d-4ee8-9ebf-ebff98d5cd68-image.png

          Code signing certificate (Code signing certicate issued by Self-signed root certificate)

          c035d2f1-5e81-4ab0-a01e-1a54cf7534a7-image.png

          xomxX PeterJonesP 2 Replies Last reply Reply Quote 2
          • xomxX
            xomx @donho
            last edited by

            @donho said in Notepad++ v8.8.3 Release Candidate:

            The point is on “Issued to” & “Issued by”: the information should be difference between 2 certificates.

            Ah, now I see it, thanks.

            The important is, you left the code-signing one “Issued to” to be the Notepad++, so the possible future UAC pop-ups can say “Notepad++” as the “Verified publisher” (with the N++ cert in the Trusted Root CA) as it was before, right?

            1 Reply Last reply Reply Quote 2
            • PeterJonesP
              PeterJones @donho
              last edited by

              With the newest certificates and RC5, what I see is

              • Notepad++ Root Certificate
                • General
                  • Issued To: Notepad++ Root Certificate
                  • Issued By: Notepad++ Root Certificate
                  • Valid from 7/8/2025 to 7/8/2055
                • Details
                  • Thumbprint = c80539ff7076d22e73a01f164108dafbf06e45e4

              And on the signing certificate with the RC5 binary, I see:

              • Notepad++
                • General
                  • Issued To: Notepad++
                  • Issued By: Notepad++ Root Certificate
                  • Valid from 7/8/2025 to 7/8/2028
                • Details
                  • Thumbprint = 7f517e235584afc146f6d3b44cd34c6cc36a3ab2

              The dates are presumably different because of timezone differences, since early morning 7/9 in France was still 7/8 on the Western timezone in USA.

              @donho, Please confirm whether these are the correct Thumbprints, according to your records.

              donhoD 1 Reply Last reply Reply Quote 2
              • donhoD
                donho @PeterJones
                last edited by donho

                @xomx

                The important is, you left the code-signing one “Issued to” to be the Notepad++, so the possible future UAC pop-ups can say “Notepad++” as the “Verified publisher” (with the N++ cert in the Trusted Root CA) as it was before, right?

                Yes, exactly - if the root certificate is installed on users’ machine.

                @PeterJones

                I confirm the above information.

                BTW, the root certificate will be available in GitHub repository as well:
                https://github.com/notepad-plus-plus/notepad-plus-plus/blob/master/nppRoot.crt

                You might consider to include Notepad++ root certificate (nppRoot.crt) in npp-user-manual.org and also the following information:

                Name: Notepad++ Root Certificate
                Serial Number: 7A137FBEA48E8D469D2B43D49EBBCB21
                Thumbprint: C80539FF7076D22E73A01F164108DAFBF06E45E4
                SHA256: 443B4543C3A682804540849793556FFD3A6CE5D4721C9ADFDA6450223DDD54D7
                Created: 2025-07-09
                Expires: 2055-07-09

                so users could have 3 sources to download the root certificate and do the croiss-verification.
                It’s totally up to you. But if you do, please provide me the URL of nppRoot.crt - I will include it into my release note & Ressources page.

                PGomersallP PeterJonesP 2 Replies Last reply Reply Quote 2
                • PGomersallP
                  PGomersall @donho
                  last edited by

                  @donho said in Notepad++ v8.8.3 Release Candidate:

                  BTW, the root certificate will be available in GitHub repository as well:
                  https://github.com/notepad-plus-plus/notepad-plus-plus/blob/master/nppRoot.crt

                  @donho nppRoot.crt is not found at that location

                  PeterJonesP 1 Reply Last reply Reply Quote 0
                  • PeterJonesP
                    PeterJones @PGomersall
                    last edited by PeterJones

                    @PGomersall said in Notepad++ v8.8.3 Release Candidate:

                    nppRoot.crt is not found at that location

                    I think you missed two of Don’s words from his sentence: “the root certificate will be available” – “will be” implies future tense, so not yet.

                    –
                    update: an hour later, that file does exist at https://github.com/notepad-plus-plus/notepad-plus-plus/blob/master/nppRoot.crt … so no more waiting

                    1 Reply Last reply Reply Quote 1
                    • donhoD donho unpinned this topic
                    • PeterJonesP
                      PeterJones @donho
                      last edited by

                      @donho said in Notepad++ v8.8.3 Release Candidate:

                      But if you do, please provide me the URL of nppRoot.crt - I will include it into my release note & Ressources page.

                      Sorry if I wasn’t fast enough for the Release Notes…

                      https://npp-user-manual.org/docs/certs/nppRoot.crt

                      1 Reply Last reply Reply Quote 2
                      • First post
                        Last post
                      The Community of users of the Notepad++ text editor.
                      Powered by NodeBB | Contributors