You could use InstallRite or InstallWatch to capture a before and after image of both installations.
On Tue, Jul 29, 2008 at 8:12 AM, Ryan O'Neill <[EMAIL PROTECTED]> wrote: > OK, so I owe you money then :) > > Any way of doing some kind of sysdiff to see what WiX is not doing > correctly? > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Morris, John > - > Raleigh > Sent: 29 July 2008 13:47 > To: General discussion for Windows Installer XML toolset. > Subject: Re: [WiX-users] Failure using WiX installer certificates with WCF > > I've looked into that issue too. That was my first thought. The > permissions on the certificate are correct. WCF refuses to use the > certificate when WiX does the installation. I tried adjusting the > permissions using 3 different tools (MMC console, cacls and > winhttpcertcfg). When WiX does the install, WCF won't use it. If I > manually install the certificate and adjust permissions, it works fine. > The WiX extension is broken here, not doubt. > > FYI: I am using Vista SP1 as the target OS. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Ryan > O'Neill > Sent: Tuesday, July 29, 2008 5:34 AM > To: 'General discussion for Windows Installer XML toolset.' > Subject: Re: [WiX-users] Failure using WiX installer certificates with > WCF > > I know you say you checked this, but I had this (although not WiX > created) > last week. I would put money on the file permissions not being correct > for > the WCF/IIS user to access. The error I received was the same and using > 'findprivatekey.exe' from the SDK helped me locate it on disk. As I'm in > development I just set 'Everyone' to full access and it worked. > > This particular part of the exception 'The process must have access > rights > for the private key.' makes me think that. Although it could have got > put > into the wrong container somehow (personal instead of computer level for > instance). > > Hope that helps > > Ryan > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Rob > Mensching > Sent: 29 July 2008 04:49 > To: General discussion for Windows Installer XML toolset. > Subject: Re: [WiX-users] Failure using Wix installer certificates with > WCF > > That's a new one on me. Certificates have proven to be no end of fun. > I > should have known this since they are part of the CryptoAPI and that API > is > one of the most cryptic around. Sorry, couldn't resist the pun. > <grin/> > > Anyway, something subtle is clearly different but I don't have any iea > where > to start looking. If you find a specific issue, it'd be great to file a > bug > against it. I'm going to start plowing through the certificate bugs > soon. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Morris, > John - > Raleigh > Sent: Monday, July 28, 2008 11:59 > To: wix-users@lists.sourceforge.net > Subject: [WiX-users] Failure using Wix installer certificates with WCF > > I have a wix project that uses the IIS extension to install a simple > x509 certificate. Here is my wix snippet: > > > > <Binary Id="BIN_MyCertificate.pfx" > SourceFile="$(var.Binaries)\MyCertificate.pfx" /> > > > > <DirectoryRef Id="INSTALLLOCATION"> > > <?define ComponentGuid = f128910b-318d-4b3f-96c3-f59610bbfce5 ?> > > > > <Component Id="CP_ MyCertificate.pfx" Guid="$(var.ComponentGuid)" > KeyPath="yes"> > > > > <iis:Certificate Id="CERT_ MyCertificate.pfx" > > BinaryKey="BIN_ MyCertificate " > > Name="My Certificate" > > Overwrite="yes" > > PFXPassword="MyPassword" > > Request="no" > > StoreLocation="localMachine" > > StoreName="personal" /> > > </Component> > > > > </DirectoryRef> > > > > The certificate appears to install ok. I then use a custom action to > execute the winhttpcertcfg utility to adjust the permissions this > certificate. That appears to work too. However, when I try to run a WCF > based service (in IIS), I get the error below, in the event log. If I > try running an install without have Wix do the certificate installation > (ie I manually install it), everything works ok. When Wix installs the > certificate, I can see the entry in the MMC console, but WCF won't use > it. > > > > Am I missing something here, or is there a known bug concerning this > scenario? > > > > Thanks, John > > > > (Event log details below) > > > > WebHost failed to process a request. > > Sender Information: > System.ServiceModel.ServiceHostingEnvironment+HostingManager/18271112 > > Exception: System.ServiceModel.ServiceActivationException: The service > '/SelectServer/Integration/v1/Registration.svc' cannot be activated due > to an exception during compilation. The exception message is: The > certificate 'CN=My Certificate' must have a private key that is capable > of key exchange. The process must have access rights for the private > key.. ---> System.ArgumentException: The certificate 'CN=My Certificate' > must have a private key that is capable of key exchange. The process > must have access rights for the private key. ---> > System.Security.Cryptography.CryptographicException: Keyset does not > exist > > > > at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters > parameters, Boolean randomKeyContainer) > > at > System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType > keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 > dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) > > at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() > > at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 > dwKeySize, CspParameters parameters, Boolean useDefaultKeySize) > > at > System.Security.Cryptography.RSACryptoServiceProvider..ctor(CspParameter > s parameters) > > at > System.Security.Cryptography.X509Certificates.X509Certificate2.get_Priva > teKey() > > at > System.ServiceModel.Security.SecurityUtils.EnsureCertificateCanDoKeyExch > ange(X509Certificate2 certificate) > > --- End of inner exception stack trace --- > > at > System.ServiceModel.Security.SecurityUtils.EnsureCertificateCanDoKeyExch > ange(X509Certificate2 certificate) > > at > System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.Crea > teServerX509TokenProvider() > > at > System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.Crea > teLocalSecurityTokenProvider(RecipientServiceModelSecurityTokenRequireme > nt recipientRequirement) > > at > System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.Crea > teSecurityTokenProvider(SecurityTokenRequirement requirement) > > at > System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.Crea > teTlsnegoServerX509TokenProvider(RecipientServiceModelSecurityTokenRequi > rement recipientRequirement) > > at > System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.Crea > teTlsnegoSecurityTokenAuthenticator(RecipientServiceModelSecurityTokenRe > quirement recipientRequirement, Boolean requireClientCertificate, > SecurityTokenResolver& sctResolver) > > at > System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.Crea > teSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement, > SecurityTokenResolver& outOfBandTokenResolver) > > at > System.ServiceModel.Security.SecuritySessionSecurityTokenAuthenticator.S > essionRenewSecurityTokenManager.CreateSecurityTokenAuthenticator(Securit > yTokenRequirement tokenRequirement, SecurityTokenResolver& > outOfBandTokenResolver) > > at > System.ServiceModel.Security.SymmetricSecurityProtocolFactory.OnOpen(Tim > eSpan timeout) > > at > System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(T > imeSpan timeout) > > at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan > timeout) > > at System.ServiceModel.Security.SecurityProtocolFactory.Open(Boolean > actAsInitiator, TimeSpan timeout) > > at > System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Ope > n(TimeSpan timeout) > > at > System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(TimeSpan > timeout) > > at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan > timeout) > > at System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan > timeout) > > at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan > timeout) > > at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout) > > at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan > timeout) > > at > System.ServiceModel.Security.SecuritySessionSecurityTokenAuthenticator.O > nOpen(TimeSpan timeout) > > at > System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(T > imeSpan timeout) > > at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan > timeout) > > at > System.ServiceModel.Security.CommunicationObjectSecurityTokenAuthenticat > or.Open(TimeSpan timeout) > > at > System.ServiceModel.Security.SecurityUtils.OpenTokenAuthenticatorIfRequi > red(SecurityTokenAuthenticator tokenAuthenticator, TimeSpan timeout) > > at > System.ServiceModel.Security.SecuritySessionServerSettings.OnOpen(TimeSp > an timeout) > > at > System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(T > imeSpan timeout) > > at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan > timeout) > > at > System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Ope > n(TimeSpan timeout) > > at > System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(TimeSpan > timeout) > > at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan > timeout) > > at System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan > timeout) > > at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan > timeout) > > at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout) > > at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan > timeout) > > at > System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateSer > vice(String normalizedVirtualPath) > > at > System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServi > ceAvailable(String normalizedVirtualPath) > > --- End of inner exception stack trace --- > > at > System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServi > ceAvailable(String normalizedVirtualPath) > > at > System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast > (String relativeVirtualPath) > > Process Name: w3wp > > Process ID: 4000 > > ------------------------------------------------------------------------ > - > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the > world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > > > ------------------------------------------------------------------------ > - > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the > world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.138 / Virus Database: 270.5.6/1579 - Release Date: > 29/07/2008 > 06:43 > > > ------------------------------------------------------------------------ > - > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the > world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.138 / Virus Database: 270.5.6/1579 - Release Date: 29/07/2008 > 06:43 > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
