This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- InstallShield
- :
- InstallShield Forum
- :
- Specify timestamp server URL when signing files in ISE 2008?
Subscribe
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Dec 17, 2008
04:36 PM
Specify timestamp server URL when signing files in ISE 2008?
Does ISE 2008 specify a timestamp server when signing files?
If so, is there a way to explicitly specify the timestamp server URL that is passed to signtool.exe? Our certificate is from Comodo, not Verisign...
I could manually sign our own executables and the setup.exe outside of ISE, but I also want to sign the .msi file, and so I’m trying to get this done via the ISE 2008 “signing tab”. But I can't find anywhere to set the timestamp server URL. ISE 2009 apparently has added a setting for this in Settings.xml, but that doesn't help my situation with ISE 2008...
Alternatively, is there a way to get at the command line used by ISE 2008 when it invokes signtool.exe?
Thanks in advance for any help or suggestions,
Ramon
If so, is there a way to explicitly specify the timestamp server URL that is passed to signtool.exe? Our certificate is from Comodo, not Verisign...
I could manually sign our own executables and the setup.exe outside of ISE, but I also want to sign the .msi file, and so I’m trying to get this done via the ISE 2008 “signing tab”. But I can't find anywhere to set the timestamp server URL. ISE 2009 apparently has added a setting for this in Settings.xml, but that doesn't help my situation with ISE 2008...
Alternatively, is there a way to get at the command line used by ISE 2008 when it invokes signtool.exe?
Thanks in advance for any help or suggestions,
Ramon
(3) Replies
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Dec 17, 2008
05:25 PM
I don't think you're required to use the Comodo timestamp server just because it's a Comodo certificate, but you're out of luck on built in methods for changing this. The only workaround I can think of would be to create your own signtool.exe, which replaces and calls a backup of the one we provide, reinterpreting the command-line parameters to modify the timestamp server.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Aug 21, 2009
03:16 AM
Is it really necesaary to have the files timestamped? Our internet connection was down and we were not able to connect to the timestamp server so all our builds resulted in warnings and errors.
I would like to have the option to turn of the timestamping
I would like to have the option to turn of the timestamping
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Aug 21, 2009
11:11 AM
In IS2009 and later there's a setting to change or remove the timestamp server - we added this for the reasons you mention.
We default to timestamping your files because without a timestamp, the signature expires the same time that your certificate expires. As certificates are often granted for a single year, this is far too early an expiration for most uses. With the timestamp, the signature doesn't expire until the timestamp certificate expires, which is generally at least several years further down the road.
We default to timestamping your files because without a timestamp, the signature expires the same time that your certificate expires. As certificates are often granted for a single year, this is far too early an expiration for most uses. With the timestamp, the signature doesn't expire until the timestamp certificate expires, which is generally at least several years further down the road.