This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- InstallShield
- :
- InstallShield Forum
- :
- EV Code Signing Certificate Support
Subscribe
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Nov 09, 2017
06:45 PM
EV Code Signing Certificate Support
Any plans to support EV Code Signing Certificates? They are getting to be a requirement for software distribution since they bypass the SmartScreen reputation building phase. Seems like newer versions of Windows 10 are more particular about programs without EV Code Signing.
Our solution is to pre-sign all the executables and post sign the MSI file after InstallShield creates it.
Using the security token does not seem to work with InstallShield as there does not seem to be any way to pass all the required signtool parameters. I'm not even sure if InstallShield uses signtool anymore, but it would be nice if we could simply pass in a signtool command line like Visual Studio allows.
Our solution is to pre-sign all the executables and post sign the MSI file after InstallShield creates it.
Using the security token does not seem to work with InstallShield as there does not seem to be any way to pass all the required signtool parameters. I'm not even sure if InstallShield uses signtool anymore, but it would be nice if we could simply pass in a signtool command line like Visual Studio allows.
- Tags:
- code sign
(2) Replies
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Nov 14, 2017
07:57 PM
I haven't upgraded InstallShield in a few versions so I'm not really sure what is and isn't supported. But I did want to point out that if you are just building a MSI you could always sign it postbuild. If you are building a setup.exe bootstrapper/chainer/suite installer it probably gets more complicated.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Dec 14, 2017
09:28 AM
We ran into the same problem. With our EV code-signing certificate, we had so many roadblocks that it became a nightmare to script our builds. Additionally, we have multiple build servers (to do concurrent builds) and would require a separate physical EV cert on each build server. Our certificate vendor wouldn't provide duplicates. (that may be part of the requirements for EV, I'm not sure).
Eventually we just cancelled our EV and went back to a standard .PFX cert. I am hoping that by the next cert renewal time that InstallShield will support EV.
Eventually we just cancelled our EV and went back to a standard .PFX cert. I am hoping that by the next cert renewal time that InstallShield will support EV.