WiX: Digitally Sign BootStrapper project

Front-end · Open · 4 answers · 969 views
陌清茗
陌清茗 2020-12-04 14:27

I have a project for which I have built a WiX msi file. I also have a WiX bootstrapper (exe file) that checks for the existence of C++ 2005, installs it if not found and th

4 answers
  •  夕颜
    夕颜 (OP)
    2020-12-04 15:10

    For me, using WiX's built-in tool insignia is the most straightforward. Here are the steps I took to code-sign a WiX MSI and bootstrap installer:
    (steps 1 & 2 are just setup to make 3 & 4 read easily and be more reusable and updatable! Steps 3 & 4 are the actual signing)

    1. Set up the signtool as a batch file in my PATH so that I can call it and change it easily. I'm running Windows 10 and so my "signtool.bat" looks like this:
      "c:\Program Files (x86)\Windows Kits\10\bin\x64\signtool.exe" %*
    2. Set up insignia as a batch file in my PATH too so you can change it with new WiX builds as they come. My "insignia.bat" looks like this:
      "C:\Program Files (x86)\WiX Toolset v3.10\bin\insignia.exe" %*
    3. Sign my MSI in a post-build event (MSI Project -> Properties -> Build Events) by calling this:
      signtool sign /f "c:\certificates\mycert.pfx" /p cert-password /d "Your Installer Label" /t http://timestamp.verisign.com/scripts/timstamp.dll /v $(TargetFileName)
    4. Sign my bundle in a post-build event for the bootstrap project like this:

      CALL insignia -ib "$(TargetFileName)" -o engine.exe
      CALL signtool sign /f "c:\certificates\mycert.pfx" /p cert-password /d "Installer Name" /t http://timestamp.verisign.com/scripts/timstamp.dll /v engine.exe
      CALL insignia -ab engine.exe "$(TargetFileName)" -o "$(TargetFileName)"
      CALL signtool sign /f "c:\certificates\mycert.pfx" /p cert-password /d "Installer Name" /t http://timestamp.verisign.com/scripts/timstamp.dll /v "$(TargetFileName)"
    Further notes and thoughts:

    • I have also signed the application (I think) by just doing Project Properties -> Signing and enabling click-once manifests, selecting the certificate and checking the Sign the assembly option.

    • Specifying CALL is necessary in post-build events when calling a batch file or only the first one gets called.
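The four steps from the answer above as one script, added here as an example and not part of the answer or the WiX project. It assumes the answer's tool paths, a certificate already imported into the user's certificate store and selected by thumbprint (placeholder) rather than a PFX password typed into the build command, and a placeholder RFC 3161 timestamp URL; each signed file is checked with signtool's verify command before the next step runs.

```powershell
# Added example: sign a WiX MSI and a Burn bundle (detach engine, sign engine,
# reattach, sign bundle) and verify each artifact. Thumbprint and timestamp URL
# are placeholders; tool paths are the ones from the answer above.
param(
    [Parameter(Mandatory)][string]$Msi,                       # e.g. .\bin\Release\Product.msi
    [Parameter(Mandatory)][string]$Bundle,                    # e.g. .\bin\Release\Setup.exe
    [string]$Thumbprint   = 'PUT-CERT-THUMBPRINT-HERE',       # cert in CurrentUser\My, no password on the command line
    [string]$TimestampUrl = 'http://timestamp.example/tsa'    # placeholder RFC 3161 TSA
)
$ErrorActionPreference = 'Stop'
$signtool = 'C:\Program Files (x86)\Windows Kits\10\bin\x64\signtool.exe'
$insignia = 'C:\Program Files (x86)\WiX Toolset v3.10\bin\insignia.exe'

# Run a native tool and fail the build on a non-zero exit code instead of continuing.
function Invoke-Checked([string]$Exe, [string[]]$ArgList) {
    & $Exe @ArgList
    if ($LASTEXITCODE -ne 0) { throw "$Exe failed ($LASTEXITCODE): $ArgList" }
}

# Sign with SHA-256 file and timestamp digests, then verify against the
# default Authenticode policy (/pa) so an unsigned or tampered file stops the build.
function Invoke-SignAndVerify([string]$Path, [string]$Description) {
    Invoke-Checked $signtool @('sign', '/sha1', $Thumbprint, '/fd', 'sha256',
                               '/tr', $TimestampUrl, '/td', 'sha256',
                               '/d', $Description, '/v', $Path)
    Invoke-Checked $signtool @('verify', '/pa', '/v', $Path)
}

# Step 3: sign the MSI that the bundle carries.
Invoke-SignAndVerify $Msi 'Your Installer Label'

# Step 4: detach the Burn engine, sign it, reattach it, then sign the whole bundle.
$engine = Join-Path ([IO.Path]::GetDirectoryName((Resolve-Path $Bundle))) 'engine.exe'
Invoke-Checked $insignia @('-ib', $Bundle, '-o', $engine)
Invoke-SignAndVerify $engine 'Installer Name'
Invoke-Checked $insignia @('-ab', $engine, $Bundle, '-o', $Bundle)
Invoke-SignAndVerify $Bundle 'Installer Name'
Remove-Item $engine   # the detached engine is only an intermediate artifact
```

Selecting the certificate by thumbprint keeps the PFX password out of the project file and the build log, which is the usual reason a post-build signing step leaks credentials.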
