cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
mark_bewley
Level 2

Signing and Software Identifiaction Tag

I have seen the same question asked before, but can't find any answers..

If a sign the output files with a pfx I get an error when trying to sign the swidtag.

Started signing regid.xxxxxxx.swidtag ...
Invalid provider type specified.
ISEXP : error : -1027: Failed signing regid.xxxxxxx.swidtag

The pfx is an export from the Windows certificate store of a certificate signed by our AD CS.

Yes, I can set "Use Software Identification Tag" to "No" , but then I am not using the feature.
0 Kudos
(1) Reply
chiranjeevi
Level 7 Flexeran
Level 7 Flexeran

Hello,

Please try, below possible resolutions to resolve the issue:

1>The Digital Signature Password Specified During the Build is Incorrect:

Verify the password entered for the digital signature in the Digital Signature panel of the Release Wizard is accurate. Note this password is case-sensitive. If in doubt, contact the digital signature issuer or certificate authority, such as VeriSign, for the correct password.

Another way to verify if the password is accurate is by manually calling the utility "signtool.exe" to sign a file. This file is located, by default, in \InstallShield\\Support. Additional information on the command-line parameters to pass to digitally sign a file can be found in the Signing Software with Netscape Signing Tool 1.1. If the signing process fails using this method as well, it is safe to assume that the password is incorrect.

2>One or More of the Digital Signature Files is Missing:

Verify that .spc and .pvk files were entered for the digital signature in the Digital Signature panel of the Release Wizard.

3>The Digital Signature Files Have Expired and are, therefore, Invalid.
Digital Signatures are Only Valid for a Limited Time and Can Cause this Error When Expired. If the digital signature has expired, contact the digital signature issuer, such as VeriSign, to purchase a new digital signature. The "signtool.exe" utility can be used to manually sign a file, to ensure it works correctly. This would easily determine if the problem is caused by an expired or incorrect password or for some other reason.

4>The Digital Signature Syntax Entered Into the "Build Your Release" View is Incorrect:

The information entered in the Digital Signature panel of the Release Wizard must be accurate for the signing to complete properly. Make sure the URL specified is accurate, and the .spc and .pvk files specified are located in the path indicated.

5>The File "Signtool.exe" is Not Present on the Build Machine:

When building from the command-line utility IsSaBld.exe (InstallShield 2008 and older) or IsCmdBld.exe (InstallShield 2009 and later) on a Standalone build machine and the file "Signtool.exe" is not present on the build machine.

Search for the file "signcode.exe" in the \InstallShield\StandaloneBuild directory. If this is not present, manually copy it to this location from

one of the following sources:
A machine that has the full version of the InstallShield IDE installed. This file can be found in the following location: \Macrovision\\System.
The InstallShield CD. Perform a search in Windows to locate this file on the CD itself.

6>The Caps Lock Key is Enabled:

Disable the Caps Lock key.

Hope this helps.

Regards,
Chiranjeevi
0 Kudos