Level 4

PSA - If code signing, you must update Timestamp server by Oct-31-2019

DigiCert is shutting down the Symantec timestamp service that InstallShield uses by default as of October 31.

If you look at your EXE or MSI in Windows File Explorer > Properties > Digital Signatures, then click on the signature, then click Details, you will see "Countersignature" at the bottom of the window.  If this does not say DigiCert then you need to update InstallShield's settings.xml file.

Flexera  support pointed me to their HelpNet article on how to do this:  https://helpnet.flexerasoftware.com/installshield25helplib/installshield25helplib.htm#helplibrary/Se...

For InstallShield 2016 Premier English language version, the settings.xml file was located in this folder:  C:\Program Files (x86)\InstallShield\2016\Support\0409

After making a backup of the file I used Notepad++ to change these 2 XML tags:

<DigitalSignature Timestamp="http://timestamp.verisign.com/scripts/timstamp.dll"/>
<DigitalSignature TimestampRFC3161="http://sha256timestamp.ws.symantec.com/sha256/timestamp"/>

I then built a project and checked the digital signature again, which then showed DigiCert.

Labels (1)
0 Replies