Showing results for 
Show  only  | Search instead for 
Did you mean: 

Build Warning -7346

Build Warning -7346


When building an InstallShield 2015 and later project that is signed with a SHA-1 certificate, ISDEV: warning -7346 occurs.


When building an InstallShield 2015 and later project that is signed with a SHA-1 certificate the following error occurs:

ISDEV : warning -7346: The files in this release are being signed with a SHA-1 certificate. Windows will not trust files that were signed with SHA-1 certificates if they were signed after January 1, 2016


This warning occurs if your project is configured to use a SHA-1 certificate to digitally sign your release at build time.

Starting January 1, 2016, Windows 7 and higher (and its Windows Server counterparts) will no longer trust any code that is signed with a SHA-1 code signing certificate and that contains a timestamp value greater than January 1, 2016. This restriction will not apply to the timestamp certificate or the certificate?s signature hash until January 1, 2017, after which time, Windows will treat any SHA-1 timestamp or signature hash as if the code did not have a timestamp signature.

In light of this, InstallShield 2015 has revised the way it signs installation and files at build time in order to support signing with SHA-256 certificates. Additionally, InstallShield will automatically use a SHA-256 hash in the signature of the files that it signs at build time if the project has been configured to sign with a SHA-256 certificate. SHA-256 is favored over SHA-1, which is being deprecated because of the potential for security vulnerabilities.


It is recommended that you replace any SHA-1 certificates in your InstallShield projects with SHA-256 certificates. In InstallShield, to replace a SHA-1 certificate with a SHA-256 certificate for signing your releases, use the Signing tab in the Releases view to replace the reference to the current certificate with one for a SHA-256 certificate.

Additional Information

For more information on the SHA-256 policy Microsoft is enforcing with Windows along with information on Windows Vista/Server 2008 requiring a SHA-1 signature, please refer to the following article: Windows Enforcement of Authenticode Signing and Timestamping

For more information on how InstallShield 2015 handles digital signing, please refer to the Support for SHA-256 Digital Certificates section of the InstallShield 2015 Release Notes: InstallShield 2015 Release Notes

For more information on digital signing and security, please refer to the following HelpNet article: Digital Signing and Security
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Jun 04, 2018 12:00 AM
Updated by: