My goal for getting patching to work is to be able to deploy an application that can be patched by a non-admin user, but I'm running into a problem. I've created the patching sample in the documentation, and the patch works when it's elevated, but whether or not it's signed, the patch is still prompting for elevation. I'm signing both the patch and the original MSI with this command lines:
signtool.exe sign /f signcert.pfx /p 288 /d "Patch Test application!" product.msi signtool.exe sign /f signcert.pfx /p 288 /d "Patch Test application!" patch.msp I've also modified the product msi from the example so that it includes this markup: <PatchCertificates> <DigitalCertificate SourceFile="signcert.cer" Id="signcert"/> </PatchCertificates> If I look at the properties of the files, both of them have a digital signature from the same certificate, and both are identified as valid. When I run the patch as a non-administrator though, I get an elevation prompt asking to install from an unknown publisher-the original installer correctly identified my certificate. Is there something else I'm missing? I saw the article in MSDN here (http://msdn.microsoft.com/en-us/library/aa372388%28VS.85%29.aspx), which pointed me to the MsiPatchCcertificate table and the PatchCertificates element. I've tried adding the cert both as the pfx file and as a base-64 encoded cer with the same effect. Is there something else that I'm missing here? Why is the patch still reporting itself as an unknown publisher? Thanks for the help everyone, Chris ------------------------------------------------------------------------------ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users