Free Installer InstallAware for Windows Installer Header Image Windows Installer without Rocket Science

  InstallAware Blog


InstallAware X4 Brings You Tomorrow!

April 17th, 2016

InstallAware X4 brings you tomorrow, without throwing away today:

1) Windows Store Bridge: InstallAware X4 has been the first to launch with a live, fully functional Windows Store Bridge that gets Desktop app installers in the Windows 10 Store, today; with full elevation and privileges.

2) Social Networking: InstallAware X4 has also been the first to launch with social networking plug-ins; making posts to Twitter and Facebook an optional or mandatory part of your installation.

3) SHA256: Microsoft has made it clear that installers must support SHA256 code signing; with double signing required in places. InstallAware X4 single, double, or null signs your files in automatic compliance.

4) Script Functions: InstallAware X4 is the first ever InstallAware release to allow for construction of script functions, using the enhanced Include Script and brand new Return from Include Script commands.

5) Teamwork: InstallAware X4 now integrates with Team Foundation Server 2015 Update 1, enabling global collaboration with seamless source-control integration directly inside the InstallAware X4 IDE.

New InstallAware X4 with Windows Store Bridge, Social Plug-Ins

April 3rd, 2016

InstallAware X4 is launching on Friday this week, following the conclusion of a nine month intensive R&D cycle and crowning InstallAware‘s 12th year in the business:

Windows Store Bridge: Get your Win32, Win64, and .NET apps in the Windows Store TODAY – including elevation, admin level wizardry, and full system access. Microsoft underwhelmed us a bit at Build 2016 with their progress on Project Centennial and its limitations – so skip the wait and get all your native and managed applications in the Windows Store today.

Social Plug-Ins: Tweet to Twitter and Share on Facebook at any point during your installation. InstallAware X4 automatically invokes REST APIs to authenticate your end-users on their social networks, and then completes postings on their behalf. You may even make postings mandatory before allowing your end-users to proceed.

SHA 256 Code Signing: We’ve solved Microsoft’s code signing riddles for 2016 and beyond. InstallAware X4 analyzes your files for existing signatures, their type, size, and the underlying operating system powering your build platform. Based on this information, it selects the Microsoft compliant code signing strategy, automatically.

Team Foundation Server 2015: InstallAware X4 now integrates with Team Foundation Server 2015 Update 1, enabling globally distributed project collaboration.

IDE Zoom: Zoom in and out of your script with eagle eyes to find exactly what you are looking for. Comes with quick previews to find your ideal zoom level, too!

Updated Theme Assets: Both the IDE and the setup engine have been updated with the latest Windows 10 graphic assets, ensuring a smoother look for your setups.

Script Functions: Every InstallAware programmer’s dream is here. Using the new Return from Include Script command and the enhanced Include Script command, its a snap to build your own script functions – with their own custom return values.

Get your apps in the Windows Store today, go social with your installers, and attain 100% standards compliance with InstallAware X4.

How to Comply With Microsoft’s New Code Signing Policy Using InstallAware X3’s New Build Events

February 8th, 2016

In this tutorial we are going to show you how to make your installer packages conform with Microsoft’s new code signing policy. The “Windows Enforcement of Authenticode Code Signing and Timestamping” is effective as of January 1, 2016. This new policy basically mandates the deprecation of SHA-1 code signing certificates, time stamps, and file hashes for Code Signing. The new Microsoft Policy involves SHA-2 code signing certificates, time stamps, and file hashes as part of the updated policy:

Fortunately this can be easily achieved following the few steps described with this tutorial. This is entirely based on the use of the new “Build Events” feature available with InstallAware X3.

The “Build Events” feature makes it possible to run any third party process as an integral part of a build process. A “Process” is any executable and may be invoked during the various stages of a build that InstallAware follows while packaging your apps.

In this tutorial, we will not be boring you with the details of the new Code Signing Policy. If you are interested in resolving the overt contradictions in the Microsoft documentation and fancy that sort of a wild goose chase, please enjoy the official Microsoft documentation linked above. Having suffered through the nitty gritty details at InstallAware HQ on your behalf, we will be sparing you this pain; and focus on just the steps necessary to comply with the new Code Signing Policy in order to let you to build trusted setup packages.

Let us start with an overview of the setup binaries produced by a build which need code signing. These are of course, the MSI and/or EXE binaries that comprise your setup files. Please note that if you are setting the NO_MSI compiler variable to TRUE – meaning that you are opting to build a pure Native Engine installation, without any Windows Installer (MSI) bloat – in that case, you may omit the steps for the MSI files below. Similarly, when you are building a pure Windows Installer target (no final EXE output), you may omit the steps for EXE files.

These are in summary the targets that need to comply with the new Code Signing Policy. We may now proceed to the implementation using InstallAware X3.


Requirements for This Tutorial

•     InstallAware version X3,

•     An SHA-2 code signing certificate,

•     A recent version of the Microsoft SignTool.exe that supports double signing. This tool is included with the Windows 8 SDK, Windows 8.1 SDK and Windows 10 SDK.

Once the SDK is installed, the SignTool.exe binary is generally found inside one of the following directories:

  • C:\Program Files (x86)\Windows Kits\8.0\bin\x86
  • C:\Program Files (x86)\Windows Kits\8.1\bin\x86
  • C:\Program Files (x86)\Windows Kits\10\bin\x86


Getting Started

Make sure the “Sign the package with Authenticode” checkbox in the Build | Authenticode page of your Project Options window is UNCHECKED. This step is necessary since we are replacing the default code signing process in InstallAware X3.


Defining Build Events to Sign an Uncompressed Build Layout

With this kind of build its necessary to apply the digital signature to the following files which are part of an uncompressed build layout for a setup package (such as, for a DVD/Blu-Ray distribution target). These are stored at build time under your project’s “uncompressed” output folder.

•     <PackageName>.exe

•     <PackageName>.msi

•     \data\<PackageName>.msi

1. In the Project Options dialog (“CTRL+SHIFT+F11”) select the “Post-Build” event node listed within the left tree pane control. Then in the Commands field enter the following command line sequence.

- “#IADIR#\authenticode\SignTool.exe” sign /f <SHA2_cert> /t <SHA1_timestamp_url> /p <cert_password> “#PROJDIR#\Release\Uncompressed\#TITLE#.msi”

- “#IADIR#\authenticode\SignTool.exe” sign /f <SHA2_cert> /t <SHA1_timestamp_url> /p <cert_password> “#PROJDIR#\Release\Uncompressed\Data\#TITLE#.msi”

- “C:\Program Files (x86)\Windows Kits\10\bin\x86\SignTool.exe” sign /f <SHA2_cert> /t <SHA1_timestamp_url> /p <cert_password> “#PROJDIR#\Release\Uncompressed\#TITLE#.exe”

- “C:\Program Files (x86)\Windows Kits\10\bin\x86\SignTool.exe” sign /f <SHA2_cert> /as /fd sha256 /tr <SHA256_timestamp_url> /td sha256 /p <cert_password> “#PROJDIR#\Release\Uncompressed\#TITLE#.exe”


a) Press CTRL+ENTER to start a new command line. Each new line above represents a new command line and a new process invocation.

b) Ensure to update paths to the folder where the SignTool.exe binary is actually located on your system. In the above example, a typical path for the Windows 10 SDK on a 64-bit operating system has been used.

c) You will need to replace these tokens with your actual desired targets:

<SHA256_timestamp_url>: Replace with the actual time stamp server URL to use, for example

<cert_password>: Replace with your code signing certificate password (we better not know what that is, right?)

<SHA2_cert>: Enter the full path to your code signing certificate file here. Ensure to enclose the entire path string inside double quotes (“”) if the path to your code signing certificate contains spaces. Those adventurous among you may also opt to use the short path name for the certificate, if you are averse to using paths with spaces in them (even when they have been double-quoted).

Notice how, in the above command line sequence, we have refrained from hard-coding any folder paths and file names, insofar as your project folder and setup name is concerned. The examples above make use of the pre-defined compiler variables #PROJECTDIR#, #IADIR# and #TITLE#, instead of hard-coding folder paths and file names. These compiler variables are automatically resolved to their final values during the build process. This helps you use the exact same commands across all of your setup projects; without having to engage in the laborious task of updating paths and file names across projects, and/or having to update them when you actually move project folders around/change setup names.

2. In the Post-Build event settings, you may want to check the “Abort build on error (if any command returns non-zero result)” checkbox. Checking this box fails the setup build process when any invoked application returns a non-zero error code as its exit code, which is typically how an error condition is indicated on the command line. You may also want to keep this box unchecked, if you don’t care to break your build process when an intermittent failure occurs with a code signing time stamp server (or if it is not otherwise critical for your code signing to succeed).

3. Finally in the Project Options dialog, select the OK button to confirm the Post-Build event settings. Then rebuild the project. You’re done!

Defining Build Events to Sign a Compressed, Web, or Patch Build Layout

With all other build targets, including a Single Compressed File (monolithic) installer, a Web Build (main setup file plus optional web media block files), or a Patch Build; we need to define either a Post-Compress Event (if your final build target is an EXE file) or a Post-Wrap event (if your final build target is an MSI file).

Note that you could also “nest” your signatures all the way in, if you wanted to. Since any compressed setup is ultimately composed of files found in an uncompressed layout (which are then packaged into a single [or a few, in the case of a web build’s web media block files] file), there’s no harm in signing all those source materials as well.

While Windows will obviously not display any additional elevation requests once you have already elevated the main entry point of your setup package, you may want to use this trick of nested package signing for reasons of improving your chances of preventing false positives with anti-virus software. Anti-viruses have indeed become a cure worse from the disease, often hindering legitimate setups from installation. It may help your installation success rates to sign your packages from top to bottom (although, to set your expectations right; some anti-virus vendors have gotten so aggressive, that your mileage may vary even with everything signed inside out).

So if you want to do the nesting, copy over/retain the Post-Build event instructions for Uncompressed Builds to your compressed build types as well. Of course, remember to replace the string “uncompressed” with the string “single”, “web”, or “patch” based on your new distribution target.

Again while nesting, when building a single MSI file target, retain the Post-Compress event instructions (normally, you would only need to implement the Post-Wrap event instructions).


So here are the Post-Compress build events for a Single File Compressed Build:

- “C:\Program Files (x86)\Windows Kits\10\bin\x86\SignTool.exe” sign /f <SHA2_cert> /t <SHA1_timestamp_url> /p <cert_password> “#PROJDIR#\Release\Single\#TITLE#.exe”

- “C:\Program Files (x86)\Windows Kits\10\bin\x86\SignTool.exe” sign /f <SHA2_cert> /as /fd sha256 /tr <SHA256_timestamp_url> /td sha256 /p <cert_password> “#PROJDIR#\Release\Single\#TITLE#.exe”

Here are the Post-Compress build events for a Web Compressed Build:

- “C:\Program Files (x86)\Windows Kits\10\bin\x86\SignTool.exe” sign /f <SHA2_cert> /t <SHA1_timestamp_url> /p <cert_password> “#PROJDIR#\Release\Web\#TITLE#.exe”

- “C:\Program Files (x86)\Windows Kits\10\bin\x86\SignTool.exe” sign /f <SHA2_cert> /as /fd sha256 /tr <SHA256_timestamp_url> /td sha256 /p <cert_password> “#PROJDIR#\Release\Web\#TITLE#.exe”

And finally, the Post-Compress build events for a Patch:

- “C:\Program Files (x86)\Windows Kits\10\bin\x86\SignTool.exe” sign /f <SHA2_cert> /t <SHA1_timestamp_url> /p <cert_password> “#PROJDIR#\Release\Patch\#TITLE#.exe”

- “C:\Program Files (x86)\Windows Kits\10\bin\x86\SignTool.exe” sign /f <SHA2_cert> /as /fd sha256 /tr <SHA256_timestamp_url> /td sha256 /p <cert_password> “#PROJDIR#\Release\Patch\#TITLE#.exe”


Now, if you are producing an MSI output instead of an EXE output, use the following build events instead. Of course, if you will be doing nested signing, then remember to retain the above Post-Compress build events as well.

For a Single File MSI Build, use these Post-Wrap build events:

- “#IADIR#\authenticode\SignTool.exe” sign /f <SHA2_cert> /t <SHA1_timestamp_url> /p <cert_password> “#PROJDIR#\Release\Single\#TITLE#.msi”

For a Web MSI Build, use these Post-Wrap build events:

- “#IADIR#\authenticode\SignTool.exe” sign /f <SHA2_cert> /t <SHA1_timestamp_url> /p <cert_password> “#PROJDIR#\Release\Web\#TITLE#.msi”

For a Patch MSI Build, use these Post-Wrap build events:

- “#IADIR#\authenticode\SignTool.exe” sign /f <SHA2_cert> /t <SHA1_timestamp_url> /p <cert_password> “#PROJDIR#\Release\Patch\#TITLE#.msi”




That’s it!

You’ve seen how easy and versatile it can be to use InstallAware X3’s new Build Events to extend the default build process in the IDE and across the entire InstallAware build toolchain.

Please feel free to use this mechanism to do anything special you like when building your own installers. Have fun!


Francesco Toscano
Your InstallAware™ Support Team.

InstallAware X3 Update Now Shipping

January 11th, 2016

We’ve just released InstallAware X3 Update, a free upgrade for all existing customers of InstallAware X3:

New Runtimes: Including .NET FX 4.6.1, VC++ 2015 Update 1, and SQL Express 2012 with Service Pack 3.

50% Better Compression: SQL Express 2012 with Service Pack 3 goes down to half of its already Microsoft-compressed size.

Updated Visual Studio Add-In: Automatically leverage our extreme 64 bit compression in all your Visual Studio solutions.

Updated IDE: Now compatible with very large font scaling (up to 300% or more), and Windows 10 debugging support.

Tens of Fixes: Per our policy of zero-known-issues, InstallAware X3 Update fixes all your reported issues.

Update: An Exciting Scene from the New Star Wars Film

December 18th, 2015

Scene wasn’t in this episode. Probably in one of the other ones, then :)

InstallAware Wins Visual Studio SimShip Award

December 14th, 2015

Marking our fourth award in a row, Microsoft have recognized InstallAware‘s contributions to the Windows 10 eco-system with a Visual Studio Sim-Ship Award!

As prepare to welcome 2016 in excitement of the coming holidays, we thought we’d put together a small holiday gift for you, our loyal developers – without whom we wouldn’t have lasted 11 years, save piling award atop award!

Free ZIPmagic File Compression:

1) ZIPmagic is our favorite tool to work with the 7ZIP Web Media Block files created by InstallAware.

2) It is also the best all around compression app for Windows, with patent pending Windows disk compression which they invented.

3) Take $100 worth file compression functionality, including Outlook integration, WinZip compatible ZIPX/JPEG compression, and WinRAR compatible RAR5 support; for free with ZIPmagic InstallAware edition: (leave the serial field empty when installing)

Choose the software installer used by timeless software products such as Microsoft Office, Crytek Crysis, and Borland Delphi – brought to you by the largest independent software installation toolkit vendor.

From all of us at InstallAware, thanks once again for all your support over the years, and Happy Holidays!

InstallAware Wins Two ComponentSource Awards

December 2nd, 2015

2015 has been a year of phenomenal success for InstallAware – so much that we’re having trouble keeping track of all awards that are coming in! We just won two more awards from our favorite reseller, ComponentSource:

1) Top 100 Product Award
2) Top 50 Publisher Award

We’re thrilled to be working with our friends at ComponentSource in bringing you the best installer technology on the Microsoft(R) Windows(TM) platform today:

o Platform Pillars: Support Windows XP 32-bit (Original Release) through Windows 10 Build 1511 64-bit (Threshold 2) from a single setup package.

o Sidestep MS-Store: Pin your applications programmatically to the Windows 10 Start Menu Live Tiles, or the Windows 8.x Start Screen, or the Windows 7.x-8.x-10.x Taskbar, or the Windows 7.x-Vista-XP Start Menu.

o Perfect Provision: Guarantee that your setups are bullet-proof by running unattended, simultaneous tests on as many virtual machines as your hardware can handle.

o Agile Advancement: Create re-usable technology prerequisites with the Application Runtime wizard; fire Build Events based on pre and post build/compression/wrapping triggers; enjoy smart Find highlights in the IDE.

o The Team Topology: Microsoft Team Foundation Server and Microsoft Visual Studio integration enable global collaboration on setup projects.

o Flexible Funding: A floating license add-on lets you install infinite copies of InstallAware, as long as the usage is non-simultaneous. Studio and higher editions allow infinite build machines, even for simultaneous use!

o Aggresive Advance: InstallAware is the most frequently updated installer, among all commercial and open source “alternatives”.

Discover InstallAware today. You’ll be glad you did!

Windows 10 Build 1511 with InstallAware Zero-Day Support

November 15th, 2015

The first big update to Windows 10 is here, and InstallAware provides zero-day support for it – requiring absolutely no changes to any installations you have built and distributed out in the field.

InstallAware Studio X3 is not only more affordable. It is also far more capable than any other commercial or open source installer:

Windows 10 Build 1511 Zero-Day Support: Bypass the Windows Store and pin applications directly to the Start Menu Live Tiles or the Taskbar programmatically. You may have noticed popular apps like Firefox, which used to be able to pin themselves to the taskbar, recently lost this ability in Windows 10 Build 1511. That’s because only InstallAware can pin.

Runtime Wizard and Zero-Day Runtimes: Yes, we’ve built a decade long track-record of having zero-day support for new Microsoft technologies, including the latest .NET 4.6 and Visual C++ 14. As if that wasn’t good enough, we’ve also distilled our experience into a wizard that lets you create your very own zero-day technology prerequisites!

Microsoft Stack Integration: Visual Studio 2015 integration makes it one click to create an InstallAware setup or an App-V virtualized app. Team Foundation Server integration makes it one click to check-in and check-out projects from source control, empowering you to distribute your software integration efforts across a global workforce.

Break the Law of Entropy: Have you heard of the law of entropy in data compression? Data that has been compressed before cannot be recompressed. InstallAware seemingly breaks this law by recompressing data up to 50% better than Microsoft’s already-compressed sizes (ex: SQL Server Express 2014 SP1). Enjoy similar savings with your own application runtimes!

One-Click Upgrade: Whether you use InstallShield or NSIS, Wise or InnoSetup; you’ll find authoring a setup in InstallAware a breeze. Import EXE binaries or MSI databases (or if you have it, setup source code) into ready-to-build InstallAware projects, eliminating the barrier to upgrade and helping combat entrenchment in a particular vendor’s tookit.

InstallAware Wins Readers Choice Award

November 1st, 2015

The results are in! Microsoft Developer Community selected InstallAware as the Readers Choice Award Winner in the INSTALLATION, SETUP AND DEPLOYMENT TOOLS category. Thank you very much for helping make us the number one installer – we couldn’t have done this without you.

For the fourth time, Visual Studio Magazine readers have honored InstallAware as the best Visual Studio related setup programming tool. The Readers Choice survey is closely monitored. There is no ballot stuffing or vendor voting. Duplicate votes and ISP’s are removed. In sum, this result provides you with the best representation of the marketplace; best of breed tools.

The one and only InstallAware Studio X3 is unique in the following ways:

Pin to the Windows 10 Start Menu and Taskbar: Microsoft recently disabled programmatic access to the Windows 10 Taskbar. Microsoft had never allowed to pin to the new Windows 10 Start Menu either. InstallAware does both, bridging you into the most prime real estate on the Windows 10 Desktop. Just check a check-box in the “Create Shortcut” command!

Glass on Windows 10: InstallAware is the first to bring G L A S S to Windows 10. Use InstallAware‘s pre-built Glass theme, or create your own. Just rebuild existing setups without any source code changes to glassify them for Windows 10. Show off your own glass based setup splash screen, with the target OS’s Windows accent colors applied!

Pre-Flight Checks: Push your hardware to its limits with InstallAware. Run multiple simultaneous virtual machine tests on as many virtual machines as you want. Specify custom command line parameters and customize InstallAware‘s included unit testing scripts as the ultimate in pre-flight checks, with your own customizable roster.

50% Better Compression: Reduce Microsoft’s official SQL Server 2014 Express with Service Pack 1 installation into half of its already compressed size. Seemingly violating the law of entropy in data compression, InstallAware is unmatched the size and speed of the installers it creates, even outperforming the platform/OS vendor.

Seamless Upgrade: Whatever installation platform you use, you’ll find authoring a setup in InstallAware a breeze. Nonetheless, you can even import EXE binaries or source code into ready-to-build InstallAware projects, eliminating the barrier to upgrade and helping combat entrenchment in a particular vendor’s tookit.

An Exciting Scene from the New Star Wars Film

September 4th, 2015

The newly minted Jedi hero is running away from the bad guys and its raining laser fire on him.

He barely makes it to his spacecraft, only to find his weapon falling away from him.

As the craft ascends, he is desperate and stretching to pick up his weapon.