Use X.509 cryptography sharing your public keys from self-signed-certificates.
Developers who sign software with self-signed certificates can register their public keys associated to a GitHub account.
Users can search and install developer certificates to enable digital signature verification.
Use CertCentral to share the certificates used to sign your MSIX/APPX packages.
Trust a certificate by thumbprint (requires elevation).
ccc trust -u USERNAME -t THUMBPRINT
List all registered users.
List certificates associated to a user.
ccc certs -u USERNAME
Search by thumbprint.
ccc search -t THUMBPRINT
Query the status of the trusted certificates.