Dual Signging Authenticode in InstallAware X4 on Windows 7
Posted: Wed Jun 29, 2016 9:39 am
I just noticed an unexpected gotcha after re-reading the Help file, it states that due to platform limitations dual signing is only available when building on Windows 8 or newer due to platform limitations. Sadly I missed this after upgrading to X4 and it wasn't until a customer pointed out that the installer wasn't dual signed. Totally my fault for not paying enough attention to even notice my mistake, and slightly embarrassing that I didn't double check.
I'll be quite honest, I simply assumed that my setup would be dual signed, maybe there should be some dynamic text (warning) in the Authenticode setup that states whether or not the file will be dual signed based on the certificate and/or OS version?
Though I am not entirely sure why this is considered a platform limitation, when we can dual sign with signtool.exe on Windows 7 without any issues, I use the signtool.exe shipped with the Windows 8.1 resource kit. So either InstallAware doesn't use the signtool.exe for signing or InstallAware doesn't take advantage of using signtool.exe for dual signing on Windows 7, or it uses some other signing configuration, perhaps in regards to Windows Market place?
UPDATE.. Just noticed the blog post http://www.installaware.com/blog/?p=416
So I guess the solution is to run the signtool.exe from within the build events, which is fine; but I am not entirely sure if this logic is obvious, especially when referencing just the help file.
I'll be quite honest, I simply assumed that my setup would be dual signed, maybe there should be some dynamic text (warning) in the Authenticode setup that states whether or not the file will be dual signed based on the certificate and/or OS version?
Though I am not entirely sure why this is considered a platform limitation, when we can dual sign with signtool.exe on Windows 7 without any issues, I use the signtool.exe shipped with the Windows 8.1 resource kit. So either InstallAware doesn't use the signtool.exe for signing or InstallAware doesn't take advantage of using signtool.exe for dual signing on Windows 7, or it uses some other signing configuration, perhaps in regards to Windows Market place?
UPDATE.. Just noticed the blog post http://www.installaware.com/blog/?p=416
So I guess the solution is to run the signtool.exe from within the build events, which is fine; but I am not entirely sure if this logic is obvious, especially when referencing just the help file.