Code signing

All AIR installer files are required to be code signed. Code signing is a cryptographic process of confirming that the specified origin of software is accurate. AIR applications can be signed using either by a certificate issued by an external certificate authority (CA) or by a self-signed certificate you create yourself. A commercial certificate from a well-known CA is strongly recommended and provides assurance to your users that they are installing your application, not a forgery. However, self-signed certificates can be created using adt from the SDK or using either Flash, Flash Builder, or another application that uses adt for certificate generation. Self-signed certificates do not provide any assurance that the application being installed is genuine and should only be used for testing an application prior to public release.