How to verify the digital signature of an EmEditor executable

Our EmEditor executables are digitally signed so that you can verify that the file was created by us and has not been tampered with. This guide explains how to check that EmEditor executables have a valid signature.

EmEditor executables such as EmEditor.exe and EEAdmin.exe, as well as EmEditor DLLs such as ee128.dll, are signed with our digital signature.

We also package libraries from other companies, such as vccorlib140.dll. These may be signed by the originating company and not by us. This guide focuses on verifying signatures for executables and DLLs created by Emurasoft.

You can use this guide to validate executables for both the desktop and portable versions of EmEditor. To validate the digital signature of an installer before installing the desktop version, use this guide.

Verification steps

An EmEditor executable is valid if and only if all of the following checks in the six steps are valid.

  1. Go to the installation folder
    a. Desktop version: Install EmEditor. Open the folder that contains the EmEditor executables like EmEditor.exe. By default, this is %LocalAppData%\Programs\EmEditor.
    b. Portable version: Unzip the .zip archive. Open the root folder that contains EmEditor.exe.
  2. Right-click on EmEditor.exe and click on Properties.
  3. Go to the Digital Signatures tab.
    • ✅ A digital signature should be present.
    • ❌ If there is no digital signature, the installer is untrusted. Do not run the executable.

  1. In the Embedded Signatures list, double click the entry with name Emurasoft, Inc..
    • ✅ You see a signature entry with name Emurasoft, Inc.
    • ❌ If there is no signature from Emurasoft, Inc., the executable is untrusted.

  1. In the Digital Signature Details window, check the status message at the top:
    • ✅ You see a message like: “This digital signature is OK.”
    • ❌ If the message shows “The digital signature is not valid.” or any other error message, and NOT “This digital signature is OK.”, treat the executable as untrusted.
  2. Under Signer information, verify the following fields:
    • ✅ Name: Emurasoft, Inc.
    • ✅ E-mail: info@emurasoft.com
    • ❌ If any of those fields do not match, the executable is untrusted, even if it says “This digital signature is OK.”.

Summary

  • An EmEditor executable is trusted only if all of these are true:
    • There is a Digital Signatures tab.
    • Digital Signature Details shows: “This digital signature is OK.”
    • The signer Name is Emurasoft, Inc..
    • The E-mail is info@emurasoft.com.
  • If any of these checks fails for an EmEditor executable:
    • The executable is untrusted. Do not run it as it may be malware or a corrupted executable.
    • Go to the downloads page of Customer Center and download EmEditor with a valid signature.