My goal for getting patching to work is to be able to deploy an application
that can be patched by a non-admin user, but I'm running into a problem. I've
created the patching sample in the documentation, and the patch works when it's
elevated, but whether or not it's signed, the patch is still prompting for
elevation. I'm signing both the patch and the original MSI with this command
lines:
signtool.exe sign /f signcert.pfx /p 288 /d "Patch Test application!"
product.msi
signtool.exe sign /f signcert.pfx /p 288 /d "Patch Test application!" patch.msp
I've also modified the product msi from the example so that it includes this
markup:
<PatchCertificates>
<DigitalCertificate SourceFile="signcert.cer" Id="signcert"/>
</PatchCertificates>
If I look at the properties of the files, both of them have a digital signature
from the same certificate, and both are identified as valid. When I run the
patch as a non-administrator though, I get an elevation prompt asking to
install from an unknown publisher-the original installer correctly identified
my certificate. Is there something else I'm missing? I saw the article in
MSDN here (http://msdn.microsoft.com/en-us/library/aa372388%28VS.85%29.aspx),
which pointed me to the MsiPatchCcertificate table and the PatchCertificates
element. I've tried adding the cert both as the pfx file and as a base-64
encoded cer with the same effect. Is there something else that I'm missing
here? Why is the patch still reporting itself as an unknown publisher?
Thanks for the help everyone,
Chris
------------------------------------------------------------------------------
_______________________________________________
WiX-users mailing list
WiX-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wix-users
