Sunday, February 23, 2014

Signing Windows installation MSI packages with a certificate



This article describes how to sign your Windows Installer (MSI) packages with a certificate. For that you need three things in place:
  1. A p12 certificate file - Personal Information Exchange (.p12)
  2. The MSI package
  3. The Windows Software Development Kit (SDK) installed (for your respective Windows installation)
In order to sign your package you need a Code Signing Certificate.
INFO: Certum offers free code certificates for open source projects - Open Source Code Signing, at the time of this writing.


Once you have all three prerequisites in place, here are the two ways to sign, on Windows 7 and Windows 8 respectively:
(Execute the following and substitute your directory, names and password correctly! In other words, substitute the bold text below plus the web link.)

Windows 7


c:\Users\peter.manev>"C:\Program Files\Microsoft SDKs\Windows\v7.1\Bin\signtool.exe"  sign /v /f my-p12-file.p12 /p "PASSWORD-FOR-p12-HERE" /d "My install package is very cool and is about this" /du "http://www.info-for-my-project.org/" /t http://timestamp.verisign.com/scripts/timstamp.dll my-win-installer-package.msi


Windows 8

c:\Users\peter.manev>"C:\Program Files (x86)\Windows Kits\8.0\bin\x86\signtool.exe"  sign /v /f my-p12-file.p12 /p "PASSWORD-FOR-p12-HERE" /d "My install package is very cool and is about this" /du "http://www.info-for-my-project.org/" /t http://timestamp.verisign.com/scripts/timstamp.dll my-win-installer-package.msi

The result should be something like this:
The following certificate was selected:
    Issued to: Open Source Developer, Developers Team
    Issued by: Certum Level III CA
    Expires:   Thu Mar 20 08:07:06 2014
    SHA1 hash: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Done Adding Additional Store
Successfully signed: my-win-installer-package.msi

Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
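
To confirm the result independently of signtool's own output, the following added example (not part of the original post) checks the signed MSI with the built-in Get-AuthenticodeSignature cmdlet, including whether the /t timestamp was actually applied. The function name Test-MsiSignature and the optional thumbprint parameter are assumptions made for this illustration; the file name is the one used in the commands above.

```powershell
# Added example: post-signing check for the MSI produced by the commands above.
function Test-MsiSignature {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        # Optional: SHA1 thumbprint you expect on the signing certificate (supply your own).
        [string]$ExpectedThumbprint
    )

    if (-not (Test-Path $Path -PathType Leaf)) { throw "File not found: $Path" }

    $sig = Get-AuthenticodeSignature -FilePath $Path
    $problems = @()

    if ($sig.SignerCertificate -eq $null) {
        $problems += 'No signer certificate: the file is not signed.'
    } else {
        if ($sig.Status -ne 'Valid') {
            $problems += "Status is $($sig.Status): $($sig.StatusMessage)"
        }
        if ($sig.TimeStamperCertificate -eq $null) {
            # Without a timestamp countersignature the signature is only
            # accepted while the signing certificate itself is still valid.
            $problems += "No timestamp: signature stops validating after $($sig.SignerCertificate.NotAfter)."
        }
        if ($ExpectedThumbprint) {
            $want = ($ExpectedThumbprint -replace '\s', '').ToUpper()
            if ($sig.SignerCertificate.Thumbprint -ne $want) {
                $problems += "Signer thumbprint $($sig.SignerCertificate.Thumbprint) does not match the expected one."
            }
        }
    }

    New-Object PSObject -Property @{
        Path        = $Path
        Status      = $sig.Status
        Signer      = $(if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject })
        Timestamped = ($sig.TimeStamperCertificate -ne $null)
        Problems    = $problems
        Ok          = ($problems.Count -eq 0)
    }
}

# Run from the directory that holds the signed package.
$result = Test-MsiSignature -Path '.\my-win-installer-package.msi'
$result | Format-List
if (-not $result.Ok) { exit 1 }
```

The non-zero exit code lets a build script stop before publishing an installer that is unsigned, untrusted or missing its timestamp.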
