Hello All, (I'm responding months after having posted my initial question, doh!)
Thanks Rob, for the clue about PFX passwords. After some experimentation I realized that (1) the PFX I was given has an empty password, and (2) Wix 3.03907 does not allow me to include an empty string as the value of the PFXPassword attribute. To further confirm, I manually imported the PFX, then exported it making sure to give it a non-empty password. I then rebuilt the MSI to use the newly exported PFX. Sure enough, it worked. So is it indeed impossible to install a PFX that has an empty string for a password? Raj -----Original Message----- From: Rob Mensching [mailto:[EMAIL PROTECTED] Sent: Thursday, May 08, 2008 3:34 PM To: Tanikella, Rajanikanth (SCR US); wix-users@lists.sourceforge.net Subject: RE: Installing PFX certificates to Trusted Root? Error 0x80070056 == ERROR_INVALID_PASSWORD in winerror.h Error 0x80070003 == ERROR_PATH_NOT_FOUND in winerror.h Hopefully, those can help diagnose the issue. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tanikella, Rajanikanth (SCR US) Sent: Thursday, May 08, 2008 09:24 To: wix-users@lists.sourceforge.net Subject: [WiX-users] Installing PFX certificates to Trusted Root? Hello All, I see a number of examples regarding iis:Certificate, but none quite does what I need. I am trying to get my MSI to import a PFX file into the set of Trusted Root Certification Authorities. I made an MSI that intends to do nothing more than this. (If I can get that right I'll roll it into a larger MSI that does some IIS web configuration.) My code is as follows: <Directory Id="TARGETDIR" Name="SourceDir"> <Component Id="RootCertComponent" Guid="{40BF09F0-A8F0-4eb8-9A72-6B4F64637326}"> <iis:Certificate Id="Certifimacate" Name="Certifimacate.pfx" Request="no" BinaryKey="Certifimacate.pfx" StoreName="root" StoreLocation="localMachine"/> </Component> </Directory> <Binary Id="Certifimacate.pfx" SourceFile="C:\Documents and Settings\GMS_admin\My Documents\Visual Studio 2005\Projects\CertificatePrototype\CertificatePrototype\Certifimacate.pf x" /> <Feature Id="ProductFeature" Title="CertificatePrototype" Level="1"> <ComponentRef Id="RootCertComponent"/> </Feature> When I run this it consistently fails with: Action start 12:05:22: InstallCertificates. MSI (s) (0C:78) [12:05:22:562]: Creating MSIHANDLE (6) of type 790542 for thread 888 MSI (s) (0C:D8) [12:05:22:562]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI3.tmp, Entrypoint: InstallCertificates ... (Creating and closing MSIHANDLEs) InstallCertificates: Error 0x80070056: Failed to open PFX file. ... (Creating and closing MSIHANDLEs) InstallCertificates: Error 0x80070056: Failed to get SHA1 hash of certificate. ... (Creating and closing MSIHANDLEs) InstallCertificates: Error 0x80070056: Failed to resolve certificate: Certifimacate ... (Closing MSIHANDLEs) Action ended 12:05:22: InstallCertificates. Return value 3. MSI (s) (0C:78) [12:05:22:906]: Machine policy value 'DisableRollback' is 0 MSI (s) (0C:78) [12:05:22:906]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\R ollback\Scripts 3: 2 MSI (s) (0C:78) [12:05:22:921]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\R ollback\Scripts 3: 2 MSI (s) (0C:78) [12:05:22:921]: Calling SRSetRestorePoint API. dwRestorePtType: 13, dwEventType: 103, llSequenceNumber: 26, szDescription: "". MSI (s) (0C:78) [12:05:22:984]: The call to SRSetRestorePoint API succeeded. Returned status: 0. MSI (s) (0C:78) [12:05:22:984]: Unlocking Server Action ended 12:05:22: INSTALL. Return value 3. I have also tried using a File element to hold the certificate instead of a Binary element, but the log, in that case, shows: InstallCertificates: Error 0x80070003: Failed to read PFX file: C:\Certificates\Certifimacate.pfx ... InstallCertificates: Error 0x80070003: Failed to read certificate from file path. ... InstallCertificates: Error 0x80070003: Failed to resolve certificate: Certifimacate In both cases, I have noticed the following in the log: MSI (c) (E0:4C) [12:05:13:375]: Machine policy value 'AlwaysInstallElevated' is 0 MSI (c) (E0:4C) [12:05:13:375]: User policy value 'AlwaysInstallElevated' is 0 MSI (c) (E0:4C) [12:05:13:390]: Running product '{DF7890DA-6620-40C1-9FAE-08AC9771DCBF}' with user privileges: It's not assigned. ... MSI (s) (0C:78) [12:05:13:890]: Machine policy value 'AlwaysInstallElevated' is 0 MSI (s) (0C:78) [12:05:13:890]: User policy value 'AlwaysInstallElevated' is 0 MSI (s) (0C:78) [12:05:13:890]: Running product '{DF7890DA-6620-40C1-9FAE-08AC9771DCBF}' with user privileges: It's not assigned. I'm not sure if that matters. I am executing it as an AdminUser (the MSI actually tests that condition.) Can anyone point out what I'm doing wrong here? This behavior occurs in both v3.0.3907.0 and in v3.0.4102.0. Many thanks, Raj ------------------------------------------------------------------------ - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/j avaone _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
