[wix-users] Validation Using a Dynamic Updating Burn Application
gnassar at drewtech.com
Tue Sep 8 12:35:30 PDT 2015
We're facing an issue with Public Key validation.
We've created a Burn bootstrapper. The goal of our bootstrapper was to
download the newest package off our website at all times assuming an
internet connection is present. We disabled hash validation and
preferred the signature validation to ensure that the file is indeed
valid. Everything has been working rather well for the past year but
what we didn't anticipate is when we changed our signing certificate,
and signed a new package the older Burn bootstrapper did not validate
the new signature.
As it turns out, most CA's refuse to keep your public and private keys
static, which is what we thought the "renew" button did.
So now we have a different public key and Burn refuses to install our
new MSI's. I didn't assume that the public key would be comparison. I
assumed if the signature was valid it would simply validate by a field
in the signature IE: Manufacturer Name, etc.
Is there anything we can do, or is this a hard limitation we just can
not get around.
Drew Technologies, Inc
3915 Research Park Dr, Suite A10, Ann Arbor MI 48108
*Phone:* 734-222-5228 x610 *Fax:* (734) 222-5008
Linked In <http://www.linkedin.com/in/gusnassar> | J2534 Toolbox
<http://www.j2534toolbox.com> | Drew Technologies <http://www.drewtech.com>
More information about the wix-users