[wix-users] Validation Using a Dynamic Updating Burn Application

[gnassar]

We're facing an issue with Public Key validation.

We've created a Burn bootstrapper. The goal of our bootstrapper was to 
download the newest package off our website at all times assuming an 
internet connection is present. We disabled hash validation and 
preferred the signature validation to ensure that the file is indeed 
valid. Everything has been working rather well for the past year but 
what we didn't anticipate is when we changed our signing certificate, 
and signed a new package the older Burn bootstrapper did not validate 
the new signature.

As it turns out, most CA's refuse to keep your public and private keys 
static, which is what we thought the "renew" button did.

So now we have a different public key and Burn refuses to install our 
new MSI's. I didn't assume that the public key would be comparison. I 
assumed if the signature was valid it would simply validate by a field 
in the signature IE: Manufacturer Name, etc.

Is there anything we can do, or is this a hard limitation we just can 
not get around.
-- 

Gus Nassar

Drew Technologies, Inc
3915 Research Park Dr, Suite A10, Ann Arbor MI 48108
*Phone:* 734-222-5228 x610 *Fax:* (734) 222-5008
Linked In <http://www.linkedin.com/in/gusnassar> | J2534 Toolbox 
<http://www.j2534toolbox.com> | Drew Technologies <http://www.drewtech.com>