Until version 8.8.7 of Notepad++, the developer used a self-signed certificate, which is available in the Github source code. That doesn’t sound wise.

This is the explanation for why: notepad-plus-plus.org/…/v883-self-signed-certific…

2025-07-09 *“Sometimes, when one door closes *(lack of code signing) in life, another one opens (vulnerability) .” The sentence sumarizes well the situation in the previous version, 8.8.2. There were - and still are - many false-positives reported in the previous version v8.8.2, by the antivirus software due to the absence of Windows code signing certificate. ~~To prevent this issue from recurring in future releases, from this version the Notepad++ release is signed with a certificate issued by a self-signed Certificate Authority (CA). The root certificate is published on the Notepad++ website, GitHub repository & Notepad++ User Manual, allowing antivirus vendors, IT teams and users to verify the authenticity of each release. How to install the root certificate: Double-click the certificate, it may tell you it’s invalid, ignore that and click: “Install Certificate..”. In the Certificate Import Wizard, select “Local Machine”, then click Next. If prompted by UAC (optional, depending on admin Previleges), click Yes. Choose “Place all certificates in the following store”, then browse and select “Trusted Root Certification Authorities”. Click Next. On the final page of the wizard, click Finish to complete the installation. ~~For detailed instructions, see Notepad++ User Manual. We’re still trying to obtain a certificate issued by conventional Certificate Authorities, for a better user experience. But let’s be honest: it’s probably not happening. Notepad++ isn’t a business - it’s certainly not an enterprise - and apparently, that makes a popular open-source project invisible to their gatekeeping standards. If the “gatekeepers” won’t issue a certificate under the name we deserve - so be it. At least it spares us from wasting time and energy on a frustrting process that demands we beg for a new certificate every 3 years. The Notepad++ Root Certificate may not carry their approval, but it leads us to freedom. *Edit (2025-12-03): Starting with v8.8.7, Notepad++ binaries - including the installer - are digitally signed using a legitimate certificate issued by GlobalSign. As a result, Installation of the Notepad++ root certificate is no longer required. We recommend that users who have previously installed the root certificate remove it.*

I give up trying to fix the formatting. I had it right, but then adding the image, fucked everything up again, and now blorp crashes when I try to edit it again. I guess this will be one of the rare cases when you do have to read the article in order to be informed instead of just the comments.