cancel
Showing results forĀ 
ShowĀ Ā onlyĀ  | Search instead forĀ 
Did you mean:Ā 
jostimmermans
Level 3

InstallShield Express doesn' t load certificate from certificate store, error 1027

For signing singleimage installation packages and the executables inside the packages I use a code signing certificate obtained from Sectigo. Recently I got an email from Sectigo that certificates will no longer be  issued in the form of a pfx file, but as a token instead which is compatible with the Microsoft Certificate Store.

To be prepared for the change I decided to import my certificate into the Microsoft Certificate Store and change the signing from using pfx file into certificate store. InstallShield Express recognised my certificate from the Cetificate Store , Digest Selection: based on the certificate hash and I started the build of the project.

Instead of the predicted multiple password requests, I got error 1027 for every signing  attempt.

Is this error 1027 caused by the fact that the certificate is a SHA384 and not a SHA1 or SHA256?

The signing using the pfx file works perfect. 

Jos

Labels (1)
0 Kudos
(5) Replies
StefanoMaind
Level 2

HI, did you solve this problem? I have the same situation

thanks

Stefano

0 Kudos

Hello Stefano,

I tried to have the certificate regenerated, but they didn't want to do that anymore.

So I decided to wait until the end of this year where my certificate expires and I have to buy  a certificate store on USB media. For certificate store used by InstallShield you need an SHA1 or SH256 certificate, not an SHA384

Regards,

Jos

0 Kudos

It is sad that the attempt to regenerate the certificate failed. Waiting until the year-end expiration date sounds like an acceptable option. It is critical to maintain compatibility with InstallShield's certificate storage, which requires SHA1 or SHA256, not SHA384. A practical technique, although resolving the certificate issue as soon as possible would be great.

0 Kudos
StefanoMaind
Level 2

Thanks for the reply. My certificate expires in three years so I will have to sign the files before doing the setup and then sign the setup using for example SignTool

0 Kudos

Installshield (Express) can sign the executables (exe, dll, ocx,...) inside a package. Your certificate can be in a file or in the certificate store. That has worked very well so far for me.

0 Kudos