[wix-users] MSI Signing

Walter Dexter wfdexter at gmail.com
Sat Apr 15 06:16:55 PDT 2017


I don't know anything about it in this context but generally speaking SHA1 is considered broken/deprecated. 

> On Apr 15, 2017, at 6:08 AM, Christopher Painter <chrpai at iswix.com> wrote:
> 
> I recently obtained an SHA256 certificate and have gone down the path of dual signing / time stamping all of my EXE and DLLs.  I then attempted to dual sign my MSI and got an error saying it isn't supported.
> 
> 
> I did a google search and found very little information and conflicting opinions.  If you can only single sign is it better to sign with SHA1 or SHA256?
> 
> 
> 
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant http://www.firegiant.com/



More information about the wix-users mailing list