This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- InstallShield
- :
- InstallShield Forum
- :
- Building the installer - Digital Signature hijacks keyboard
Subscribe
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Apr 28, 2010
09:35 AM
Building the installer - Digital Signature hijacks keyboard
During build when app needs to digitally sign, the app responsible for automating the entry of the password seems to be using actual keyboard interrupts to do so.
Thus, if I am working in some app that can take keyboard input, that password input is directed into whatever app that I am working on (the password appears in the app).
Similarly, if I switch to another computer (I have two pc's which I switch between) the digital signature will fail.
Using a .pfx
This is a significant productivity problem.
Does anyone have any ideas for fixing this or does Flexera know about this problem?
Thus, if I am working in some app that can take keyboard input, that password input is directed into whatever app that I am working on (the password appears in the app).
Similarly, if I switch to another computer (I have two pc's which I switch between) the digital signature will fail.
Using a .pfx
This is a significant productivity problem.
Does anyone have any ideas for fixing this or does Flexera know about this problem?
(7) Replies
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Apr 28, 2010
05:34 PM
It sounds like you're describing the behavior for signing with .spc/.pvk files, which is due to a limitation in signcode.exe; when signing with a .pfx file, this should not occur, as signtool.exe supports better ways of handling the password.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎May 20, 2010
08:15 AM
MichaelU wrote:
It sounds like you're describing the behavior for signing with .spc/.pvk files, which is due to a limitation in signcode.exe; when signing with a .pfx file, this should not occur, as signtool.exe supports better ways of handling the password.
My IDE takes control of the PC as well... could it be that I typed in the box and caused the error??
It appears that all signing options were "successful".
I chose to use the .spc/.pvk files because I figured they were the files that came from VeriSign... however, I did generate a .pvk file... do you think that will that resolve my build issues:
Started signing 1046.mst ...
Succeeded
Started signing 1034.mst ...
Succeeded
Started signing 1033.mst ...
Succeeded
Media table successfully built
Started signing Data1.cab ...
Succeeded
ISDEV : error -6259: Internal build error
ISDEV : fatal error -6260: Internal build error
DTII\Release 4.0.x - 2 error(s), 5 warning(s)
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎May 20, 2010
10:02 AM
You can't sort this problem out. The workaround is not to use any other app until the build process has got passed the signing stage.
Installshield's build process is using the handle for the singcode.exe, once it sets the handle to this app to foreground and then 'by chance you change to another app', then the app in the foreground will see the text that was meant for signcode.
As MichaelU said, if you use another method, then you shouldn;t see this problem.
Installshield's build process is using the handle for the singcode.exe, once it sets the handle to this app to foreground and then 'by chance you change to another app', then the app in the foreground will see the text that was meant for signcode.
As MichaelU said, if you use another method, then you shouldn;t see this problem.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎May 20, 2010
10:17 AM
Yup thanks... in all three instances when it failed, man it didn't like me doing anything else on my system. I just can't idle for very long watching something so boring... lol
I switched to pfx and life is good....
I guess that's fine because at least I know I am securing the other two files for protection purposes and as long as the password is not stored in plain text anywhere in the MSI.... I'm good to go!
Thanks!
I switched to pfx and life is good....
I guess that's fine because at least I know I am securing the other two files for protection purposes and as long as the password is not stored in plain text anywhere in the MSI.... I'm good to go!
Thanks!
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎May 21, 2010
10:11 AM
lam1278 wrote:
as long as the password is not stored in plain text anywhere in the MSI.... I'm good to go!
Thanks!
Correct, the password is used at build time, therefore the msi does not contain it, it doesn't need to.
Vijay.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎May 21, 2010
05:48 PM
Also, watch out for the caps lock. I have seen that cause an error even when I leave the keyboard and computer alone during build. Removing the caps lock allows the original password (added during Release Wizard) to work correctly.
Not applicable
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Jun 23, 2010
10:10 AM
I recommend you convert the spc and PVK files to a PFX.
I've noticed when using spc and pvk files, if you use any IM application while installshield is building (for example to notify your testing team that a new version is on its way), it can send your password in the clear, followed by a carriage return, to that application (which then gleefully sends your password on to whoever you were chatting with!)
This can be especially embarrassing if you follow the convention of using passwords which you would be embarrassed to either write down or tell someone else :eek:
I've noticed when using spc and pvk files, if you use any IM application while installshield is building (for example to notify your testing team that a new version is on its way), it can send your password in the clear, followed by a carriage return, to that application (which then gleefully sends your password on to whoever you were chatting with!)
This can be especially embarrassing if you follow the convention of using passwords which you would be embarrassed to either write down or tell someone else :eek: