[wix-users] How to sign selective MSI packages in a bundle

Chuck Caldwell Chuck.Caldwell at WellSky.com
Thu May 26 06:16:56 PDT 2022 

You can sign the bundles and the engine in the bundle with signtool and insignia, but, you can't get the MSI's within the bundle. At least, not as far as I know.

Chuck

-----Original Message-----
From: wix-users <wix-users-bounces at lists.wixtoolset.org> On Behalf Of Tigran Galoyan via wix-users
Sent: Thursday, May 26, 2022 8:57 AM
To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
Cc: Tigran Galoyan <tigran.galoyan at gmail.com>
Subject: Re: [wix-users] How to sign selective MSI packages in a bundle

CAUTION: External Sender


I wonder though if there is a way to sign the MSIs after the build is complete and the artifacts (the bundle setup executables are generated)?

On Wed, May 25, 2022 at 5:10 PM Rob Mensching via wix-users < wix-users at lists.wixtoolset.org> wrote:

> Just to be clear (and pedantic): You do not need to sign MSIs that 
> ship in a bundle. The bundle should suffice.
>
> -----Original Message-----
> From: wix-users <wix-users-bounces at lists.wixtoolset.org> On Behalf Of 
> Rob Mensching via wix-users
> Sent: Wednesday, May 25, 2022 2:09 PM
> To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
> Cc: Rob Mensching <rob at firegiant.com>
> Subject: Re: [wix-users] How to sign selective MSI packages in a 
> bundle
>
> You sign MSIs the same as everything. In a .wixproj, you can override 
> the `SignMsi` target to call out to signtool or whatever tooling 
> you're using to sign.
>
>
>
> - - - - - - - - - - - - - - -
> I provide short answers on wix-users. Full commercial support is 
> offered by FireGiant at 
> https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.f
> iregiant.com%2Fservices&data=05%7C01%7Cchuck.caldwell%40wellsky.co
> m%7Cda87ff635a414cf5cb6508da3f173717%7C15d19784ad584a57a66fad1c0f826a4
> 5%7C0%7C0%7C637891666194540649%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjA
> wMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&am
> p;sdata=w8W7Vr%2BbLnqnvQHrJL9NOvCsUBbc6vPKHciDLsKwKnQ%3D&reserved=
> 0
>
> -----Original Message-----
> From: wix-users <wix-users-bounces at lists.wixtoolset.org> On Behalf Of 
> Tigran Galoyan via wix-users
> Sent: Wednesday, May 25, 2022 2:04 PM
> To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
> Cc: Tigran Galoyan <tigran.galoyan at gmail.com>
> Subject: [wix-users] How to sign selective MSI packages in a bundle
>
> Hi,
>
> We sign our setup executables at the very end of the build process 
> (first the engine then the bundle itself). However, since the bundles 
> consist of many other MSI-s that we produce then when we try later 
> after installation to launch some applications installed with those 
> MSI packages, then if the launch requires elevated privileges then UAC 
> pops up the window where it states that the publisher is unknown. 
> Apparently, the setup executable itself is signed and shows the correct publisher.
>
> How can we also sign the MSI packages (no all that are in a bundle, 
> but those that we generate) that later our applications show the 
> correct publisher at launch time (in the UAC popup)?
>
> Thanks,
> Tigran
>
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant
> https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.f
> iregiant.com%2F&data=05%7C01%7Cchuck.caldwell%40wellsky.com%7Cda87
> ff635a414cf5cb6508da3f173717%7C15d19784ad584a57a66fad1c0f826a45%7C0%7C
> 0%7C637891666194540649%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJ
> QIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=
> %2BglvkeLMuGfxA4sa%2FDWBYVSFaUiRejK5xu4060%2F%2FIvs%3D&reserved=0
>
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant
> https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.f
> iregiant.com%2F&data=05%7C01%7Cchuck.caldwell%40wellsky.com%7Cda87
> ff635a414cf5cb6508da3f173717%7C15d19784ad584a57a66fad1c0f826a45%7C0%7C
> 0%7C637891666194540649%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJ
> QIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=
> %2BglvkeLMuGfxA4sa%2FDWBYVSFaUiRejK5xu4060%2F%2FIvs%3D&reserved=0
>
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant
> https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.f
> iregiant.com%2F&data=05%7C01%7Cchuck.caldwell%40wellsky.com%7Cda87
> ff635a414cf5cb6508da3f173717%7C15d19784ad584a57a66fad1c0f826a45%7C0%7C
> 0%7C637891666194540649%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJ
> QIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=
> %2BglvkeLMuGfxA4sa%2FDWBYVSFaUiRejK5xu4060%2F%2FIvs%3D&reserved=0
>

____________________________________________________________________
WiX Toolset Users Mailing List provided by FireGiant https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.firegiant.com%2F&data=05%7C01%7Cchuck.caldwell%40wellsky.com%7Cda87ff635a414cf5cb6508da3f173717%7C15d19784ad584a57a66fad1c0f826a45%7C0%7C0%7C637891666194540649%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=%2BglvkeLMuGfxA4sa%2FDWBYVSFaUiRejK5xu4060%2F%2FIvs%3D&reserved=0

More information about the wix-users mailing list