alancc
Level 6

How to Fill the Certificate Information for DigiCert EV CodeSigning Certficate?

Hi,

I purchase DigitCert EV Codesigning Certificate at https://www.digicert.com/code-signing/ev-code-signing/ .

Now I need to fill the certificate information in the setup project so that my project can sign the installer automatically.

How to fill the following information:

1. Certificate Store Name:

Select the name of the certificate store that contains the certificate that
you want to use. Available options are:

• Personal
• Trusted Root Certification Authorities
• Enterprise Trust
• Intermediate Certification Authorities

2. Certificate Store Location:

Select the location of the certificate store that contains the certificate
that you want to use. Available options are:

• User
• Machine

3. Certificate Subject:

Enter the subject of the certificate that you want to use, or select from
the list of certificates that are available on your machine.

I ask the question to DigiCert support. But they said they don't know InstallShield and said InstallShield may do not support EV Codesigning at all.

Labels (1)
0 Kudos
3 Replies
banna_k
Flexera
Flexera

0 Kudos

@banna_k 

Thank you for your reply.

However, before posting the question, I have already seen the documents you mentioned. THat is the reason why my question contains contents pasted from the help document. However, after reading the documents, I still don't know how to fill the "Certificate Store Name", "Certificate Store Location" and "Certificate Subject". And the provider of my certificate DigiCert also does not help on this issue. That is the reason why I ask on the community.

0 Kudos

Very good question. We also purchased an EV Code Signing certificate without knowing how many problems it generated. No support for WMWare through Remote Desktop to auto build PC, multiple build PC requires multiple Tokens,  signtool.exe requires manual typing password, and then finally ISX cannot be used to sign the files 😞

We found a hack to use signtool.exe for signing the files without the need of typing the password every time, and that can of cause be used to sign file before running ISX, and then signing the SETUP.EXE after ISX, but there is no way to sign the MSI file before compression. This I think require a more expensive IS version with support of build events.

So we will go back to the old Code Signing.

-cpede

0 Kudos