c# - How to sign installation files of a Visual Studio .msi

Question

Welcome To Ask or Share your Answers For Others

c# - How to sign installation files of a Visual Studio .msi

posted Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

c# - How to sign installation files of a Visual Studio .msi

I recently purchased an authenticode certificate from globalsign and am having problems signing my files for deployment. There are a couple of .exe files that are generated by a project and then put into a .msi. When I sign the .exe files with the signtool the certificate is valid and they run fine. The problem is that when I build the .msi (using the visual studio setup project) the .exe files lose their signatures. So I can sign the .msi after it is built, but the installed .exe files continue the whole "unknown publisher" business. How can I retain the signature on these files for installation on the client machine?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-23T18:43:52+0000

You can add the following PostBuildEvent to your VS Setup project (project properties):

Windows 8.0:

"C:Program Files (x86)Windows Kits8.0inx86signtool.exe" sign /a  $(BuiltOuputPath)

Windows 10:

"C:Program Files (x86)Windows Kits10inx86signtool.exe" sign /a  $(BuiltOuputPath)

Project properties window

See this MSDN documentation for signtool usage. You can use the /f flag to specify the signing certificate, /p to specify the cert's password, etc

Also, note that $(BuildOuputPath) is misspelled. This is on purpose. Thanks microsoft...

Categories

c# - How to sign installation files of a Visual Studio .msi

c# - How to sign installation files of a Visual Studio .msi

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags