Paul McNett wrote on 2010-06-14: > On 6/14/10 2:29 PM, Rick Schummer wrote: >>>> I'm willing to go this route if it is reasonably straightforward, >>>> but I'm >> getting bogged down in the MSDN docs.<< >> >> You might be interested in a blog from Doug Hennig. >> >> http://doughennig.blogspot.com/2009/11/executable-signing-with-inno- se >> tup.ht ml > > Thanks Rick, that answered some questions for me. Specifically, how to > work this into my InnoSetup build process. Now I need to find out: > > + how to get a certificate (can I generate my own, CACert, etc.) > > + how to get SIGNTOOL.EXE, without installing Visual Studio. I bet > + there's something > open-source I can find by looking. > > I'll see about testing this over the next few weeks and follow up with > my findings. > > Paul >
Paul, >From what I recall, If you self-sign the EXE, the warning changes to "the certificate cannot be verified". Which could mean the same thing as not having it signed. COMODO is who we used. Find the one that is Code signing. <http://www.comodo.com/business-security/code-signing-certificates/code-sign ing.php> Is it worth the hassle? I'll have to specifically ask my techs again. I do know if the file does not download completely the signature is not intact, and the user is specifically told that something may be wrong. Do you use an automation tool like Visual Build Pro to put your windows package together? It has a signing action in it that I use. I know there are a couple of products you can purchase for less than $50 to allow you to attach a signature to the file. Many times when I'm needed a part of the huge package and do not want it on my box, I use a VM. So... Install the Windows OS SDK into a test virtual machine, grab the files you need and clean up the VM. Tracy Pearson PowerChurch Software _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/001a01cb0c19$5953f020$0bfbd0...@com ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
