[wix-users] MSI Signing
Gerhard Matzen
gmatzen at osisoft.com
Sat Apr 15 12:24:39 PDT 2017
To support older operating systems, our company does sha1 one signing of MSIs using a sha2 certificate.
Sent from my Verizon, Samsung Galaxy smartphone
-------- Original message --------
From: Walter Dexter <wfdexter at gmail.com>
Date: 4/15/17 6:17 AM (GMT-08:00)
To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
Subject: Re: [wix-users] MSI Signing
I don't know anything about it in this context but generally speaking SHA1 is considered broken/deprecated.
> On Apr 15, 2017, at 6:08 AM, Christopher Painter <chrpai at iswix.com> wrote:
>
> I recently obtained an SHA256 certificate and have gone down the path of dual signing / time stamping all of my EXE and DLLs. I then attempted to dual sign my MSI and got an error saying it isn't supported.
>
>
> I did a google search and found very little information and conflicting opinions. If you can only single sign is it better to sign with SHA1 or SHA256?
>
>
>
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant http://www.firegiant.com/
____________________________________________________________________
WiX Toolset Users Mailing List provided by FireGiant http://www.firegiant.com/
More information about the wix-users
mailing list