cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
JBeauvais
Level 3

Digitally signing support files

Does anyone know how to digitally sign the files that can be added to Disk1? (Behavior and Logic > Support Files > Advanced Files > Disk1) When signing an install using InstallShield, it will sign the setup.exe and Windows Installer Package, and then exes, dlls, and other signable files that are added to the package itself. However, I see no way to sign an executable that sits at the root of the disk. Our autorun.inf runs an executable (autorun.exe), which in turn runs setup.exe and I'd like the install to sign autorun.exe. I've tried a couple of things, adding the file to the "Include Patterns and Files" using various paths, but no luck. Has anyone needed to do this and succeeded?

Thanks.
Labels (1)
0 Kudos

(2) Replies
randalledick
Level 3

I have a similar issue. Using InstallShield Limited Edition on Windows 10 with VS 2013 Ultimate Edition.

When creating a singleimage setup.exe I sign the setup.exe as well as the dlls and exe files contained in that setup using signtool.

The setup file downloads without warnings, however UAC produces an unknown publisher on my .msi file. I see no way that InstallShield gives an opportunity to sign that file before it is packaged up into the setup.

Is there a work around? Perhaps first creating a CDROM build, signing the MSI then packaging up into a single image setup.exe? I don't know how to create a "singleimage" setup from the CDROM contents.
0 Kudos
randalledick
Level 3

randalledick wrote:
I have a similar issue. Using InstallShield Limited Edition on Windows 10 with VS 2013 Ultimate Edition.

When creating a singleimage setup.exe I sign the setup.exe as well as the dlls and exe files contained in that setup using signtool.

The setup file downloads without warnings, however UAC produces an unknown publisher on my .msi file. I see no way that InstallShield gives an opportunity to sign that file before it is packaged up into the setup.

Is there a work around? Perhaps first creating a CDROM build, signing the MSI then packaging up into a single image setup.exe? I don't know how to create a "singleimage" setup from the CDROM contents.


Clicking on Releases in Solution Explorer,
Then clicking single image, presents a set of tabs one of which is Signing. There's an option to sign output files, and allows you to sign the setup.exe and the windows installation package (msi)

However, I'm using a Extended Validation Code signing token from Symantec. Not sure how to fill in the fields, not using a URL, certificate file (in token I believe). Is this compatible with Symantec EV Code signing?

Is there some option to provide a command line input?