6.9 KiB
6.9 KiB
rmtPocketWatcher - Complete Deployment Summary
🎉 System Overview
Your rmtPocketWatcher Flutter application now has a complete, professional deployment system with:
✅ Self-Signed Code Signing Certificate ✅ Signed Standalone Executable ✅ Signed MSIX Installer ✅ Automated Build & Signing Pipeline ✅ RSS-Based Update System ✅ CI/CD Integration
📁 Generated Files
Certificates (Keep Secure!)
certificates/rmtPocketWatcher.pfx- Private certificate (password:rmtPocketWatcher2024!)certificates/rmtPocketWatcher.cer- Public certificate for user installationcertificates/CERTIFICATE_INFO.txt- Certificate details and instructions
Distribution Files
build/windows/standalone/rmtpocketwatcher.exe- Signed standalone executablebuild/windows/x64/runner/Release/rmtpocketwatcher.msix- Signed MSIX installerbuild/rmtPocketWatcher-Windows-v1.0.1-release.zip- Complete distribution package
🚀 Quick Start Commands
Create Certificate (One-time setup)
.\create_certificate.ps1
Build & Sign Everything
.\build_windows.ps1 -Release
Sign Individual Files
.\sign_executable.ps1 -ExePath "path\to\app.exe"
📦 Distribution Options
Option 1: Standalone ZIP (Recommended)
File: rmtPocketWatcher-Windows-v1.0.1-release.zip
- Size: ~50-100MB
- User Experience: Extract and run - no installation needed
- Trust Level: Signed executable reduces Windows warnings
- Best For: General distribution, users without admin rights
Option 2: MSIX Installer
File: rmtpocketwatcher.msix
- Size: ~30-60MB
- User Experience: Double-click to install via Windows Package Manager
- Trust Level: Signed installer, clean install/uninstall
- Best For: Users who prefer traditional installation, enterprise deployment
Option 3: Public Certificate Distribution
File: rmtPocketWatcher.cer
- Size: ~2KB
- Purpose: Pre-install certificate for enhanced trust
- Best For: Organizations, power users, eliminating all warnings
🔒 Security Features
Code Signing Benefits
- ✅ Eliminates "Unknown Publisher" warnings
- ✅ Verifies file integrity (detects tampering)
- ✅ Establishes publisher identity
- ✅ Enables Windows SmartScreen trust
- ✅ Professional appearance
Certificate Details
- Subject: Lambda Banking Conglomerate
- Valid: 3 years (until December 2028)
- Algorithm: SHA256 with RSA encryption
- Timestamp: DigiCert timestamp server (ensures validity even after cert expires)
🔄 Update System
Automatic Updates
- Checks RSS feed every 4 hours:
https://git.hudsonriggs.systems/LambdaBankingConglomerate/rmtPocketWatcher/releases.rss - Shows notification banner when updates available
- Users can manually check via title bar button
- Supports multiple download formats (Portable, Full, MSIX)
Version Management
- Current version:
1.0.1(from pubspec.yaml) - Semantic versioning: MAJOR.MINOR.PATCH
- Automatic CI/CD releases on version changes
🏗️ CI/CD Pipeline
Automated Workflow
The .gitea/workflows/release.yml automatically:
- Detects version changes in pubspec.yaml
- Builds Windows & Android versions
- Signs all executables (when certificates available)
- Creates multiple distribution formats
- Publishes to releases page with detailed notes
Manual Triggers
- Push to main branch with version change
- Manual workflow dispatch
- Tag creation (v1.0.1 format)
👥 User Instructions
For End Users (Standalone ZIP)
1. Download rmtPocketWatcher-Windows-v1.0.1-release.zip
2. Extract to any folder (Desktop, Program Files, etc.)
3. Double-click rmtpocketwatcher.exe
4. If Windows shows a warning:
- Click "More info" → "Run anyway" (first time only)
- Certificate will be automatically trusted for future runs
For End Users (MSIX Installer)
1. Download rmtpocketwatcher.msix
2. Double-click the file
3. Click "Install" when prompted
4. Find "rmtPocketWatcher" in Start Menu
5. Updates can be installed over existing version
For Organizations (Certificate Pre-installation)
1. Distribute rmtPocketWatcher.cer to users
2. Users double-click and install to "Trusted Root"
3. All future app versions will be automatically trusted
4. No security warnings for any Lambda Banking Conglomerate software
🛠️ Maintenance
Certificate Renewal (Every 3 Years)
# Check expiration
$cert = Get-PfxCertificate -FilePath "certificates/rmtPocketWatcher.pfx"
$daysLeft = ($cert.NotAfter - (Get-Date)).Days
Write-Host "Certificate expires in $daysLeft days"
# Renew certificate
.\create_certificate.ps1 -Force
Upgrading to Commercial Certificate
- Purchase from DigiCert, Sectigo, or similar ($100-500/year)
- Update
pubspec.yamlwith new certificate path - Update build scripts with new password
- Re-sign and redistribute applications
📊 Trust Levels Comparison
| Distribution Method | Initial Trust | User Action Required | Long-term Trust |
|---|---|---|---|
| Unsigned | ❌ High warnings | Click through multiple warnings | ❌ Always warns |
| Self-signed | ⚠️ Moderate warning | "More info" → "Run anyway" | ✅ Trusted after first run |
| Self-signed + Pre-installed Cert | ✅ Full trust | None | ✅ Always trusted |
| Commercial Certificate | ✅ Full trust | None | ✅ Always trusted |
🎯 Recommendations
For Development/Testing
- ✅ Current self-signed setup is perfect
- Provides professional appearance
- Eliminates most user friction
For Commercial Distribution
- Consider upgrading to commercial certificate ($200-500/year)
- Provides immediate trust without user interaction
- Required for some enterprise environments
For Open Source Projects
- ✅ Current setup is ideal
- Document certificate installation for power users
- Consider community funding for commercial certificate
📞 Support & Troubleshooting
Common Issues
- "Windows protected your PC" - Click "More info" → "Run anyway"
- Certificate expired - Run
.\create_certificate.ps1 -Force - SignTool not found - Install Windows SDK
- Access denied - Run PowerShell as Administrator
Getting Help
- Check
CERTIFICATE_GUIDE.mdfor detailed troubleshooting - Review Windows Event Viewer for signing errors
- Verify certificate validity with
Get-AuthenticodeSignature
🏆 Achievement Unlocked!
Your rmtPocketWatcher application now has:
- Professional code signing ✅
- Multiple distribution formats ✅
- Automated build pipeline ✅
- Built-in update system ✅
- Enterprise-ready deployment ✅
Users will see "Lambda Banking Conglomerate" as the verified publisher, eliminating security warnings and building trust in your Star Citizen AUEC price tracking application!