cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
delderkidasa
Level 3

EV Code Signing Certificate Support

Any plans to support EV Code Signing Certificates? They are getting to be a requirement for software distribution since they bypass the SmartScreen reputation building phase. Seems like newer versions of Windows 10 are more particular about programs without EV Code Signing.

Our solution is to pre-sign all the executables and post sign the MSI file after InstallShield creates it.

Using the security token does not seem to work with InstallShield as there does not seem to be any way to pass all the required signtool parameters. I'm not even sure if InstallShield uses signtool anymore, but it would be nice if we could simply pass in a signtool command line like Visual Studio allows.
Labels (1)
0 Kudos
(2) Replies
Christopher_Pai
Level 16

I haven't upgraded InstallShield in a few versions so I'm not really sure what is and isn't supported. But I did want to point out that if you are just building a MSI you could always sign it postbuild. If you are building a setup.exe bootstrapper/chainer/suite installer it probably gets more complicated.
0 Kudos
MGarrett
Level 6

We ran into the same problem. With our EV code-signing certificate, we had so many roadblocks that it became a nightmare to script our builds. Additionally, we have multiple build servers (to do concurrent builds) and would require a separate physical EV cert on each build server. Our certificate vendor wouldn't provide duplicates. (that may be part of the requirements for EV, I'm not sure).

Eventually we just cancelled our EV and went back to a standard .PFX cert. I am hoping that by the next cert renewal time that InstallShield will support EV.
0 Kudos