InstallShield digital signing feature uses a timestamp server from Symantec which is being decommissioned (more details here) and migrated to Digicert. Signing with new DigiCert URL causes breakage in Digital Signing
When signing an installer with SHA-256 digest, using the new Digicert server (http://timestamp.digicert.com), the resulting installer is signed by SHA-256 digest, but the countersignatures are signed with SHA1 due to an incorrect order in which InstallShield calls the signing APIs
Please refer following InstallShield KB article to download and install Digital Signing Patch for InstallShield 2015 SP2 and above
The patch is applicable only to versions of InstallShield editor available in the following versions of AdminStudio
AdminStudio 2016 SP2
AdminStudio 2018 R3
AdminStudio 2018 R4
AdminStudio 2019 R2
If there are any additional issues, please contact our Technical Support team
Nov 07, 2019 01:02 AM