What's the best resource to refer to as far as the steps for code
signing an app and it's dependencies? (Not just the setup.exe)

Thanks.

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve

Are you asking how to do it or what to sign?

Jane Fleming

Jane,

> Are you asking how to do it or what to sign?

Yes.


(sorry, couldn't resist<g>)

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Enhanced Reporting: http://www.cpcs-inc.com

Resistance Is Futile!

Jane Fleming

Indeed - Where do we get your magic notes on the topic? I have also
capitulated and need to get going on this....

J André Labuschagné

I have some "magic notes" in the "Learning SetupBuilder Part I" document
that can now be installed from within the SetupBuilder IDE.

Also some older articles on clarionmag (subscription required) on the ins
and outs of dealing with Vista (and Win7), including code-signing and
manifests and what you can write where.

David Troxell has an "everything you wanted to know" blog for which he posts
a link from time to time.

I also did a "test" demo video for Friedrich quite a while back that has
never been officially released. If you send me an email, I'll send you a
secret link to it. In addition to a walk through the IDE and a basic
installation, it has one section on manifests and code-signing.

Jane

> I have some "magic notes" in the "Learning SetupBuilder Part I" document
> that can now be installed from within the SetupBuilder IDE.
>
> Also some older articles on clarionmag (subscription required) on the ins
> and outs of dealing with Vista (and Win7), including code-signing and
> manifests and what you can write where.
>
> David Troxell has an "everything you wanted to know" blog for which he posts
> a link from time to time.

To all:

The good thing about an "everything you wanted to know" blog (actually the
blog refers to the downloadable CHM) - is that it's mostly summarized
information,

but pointing you BACK to the original reference information, so you have
access to the expert's resources, including Jane's Clarion Live!
Presentation, and of course, her exhaustive Learning SetupBuilder Part
I.CHM - a MUST read.

Product Description - App Data UAC Safe, MFG - Encourager Software
Internet Link - http://profileexchanges.com/blog/?p=120

Clarion Magazine articles are available to subscribers - not referenced in
my company's Making App Data (Vista and Windows 7) Safe CHM - but can be
found through search facility at Clarion Magazine Site.

The whole point of the CHM is to give a starting point (links) to do a more
complete reading of sources - plus some vital tips that will help refresh
important points about product development.

David

--
From David Troxell - Product Scope 7.9 - Encourager Software
Clarion Third Party Profile Exchange Online
http://encouragersoftware.com/profile/clarlinks.html

Thanks David.

J André Labuschagné

Thanks for that.

J André Labuschagné

Jane,

> Resistance Is Futile!

Gave in years ago... to many things!<g>

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Enhanced Reporting: http://www.cpcs-inc.com

Except you have yet to give up giving up! <g>

--
Russell B. Eggen
www.radfusion.com
Clarion developers: www.radfusion.com/devs.htm

Russ,

> Except you have yet to give up giving up! <g>

I said "give in" ... I'll NEVER give up! Especially my Forte Agent
news reader!<g>

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Enhanced Reporting: http://www.cpcs-inc.com

You can take Forte Agent only "from my cold dead hands" <g>

--
markus steinwender, c7.x

Sounds like there is some serious bondage between you and your reader. This
could be pretty unhealthy in the long run.... <vbg>

J André Labuschagné

I think I'm okay about "what" to sign.

I just would like to know the best practice within SB7 in order to
accomplish the signing, knowing that I followed your (Jane's) Comodo
purchase instructions and downloaded the file(s)

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve

Jeff,

> I just would like to know the best practice within SB7 in order to
> accomplish the signing, knowing that I followed your (Jane's) Comodo
> purchase instructions and downloaded the file(s)

No idea if it's best practice but I #code-sign application early in
the script... before [ Support Files ] (see image)

For the EXE, if there is one, I force the manifest just before, also
with the SKIP attribute enabled.

Is that what you're looking for or something else?!<g>

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Enhanced Reporting: http://www.cpcs-inc.com

Yeah, that. Thanks.

Is there a wildcard means of doing it, or is it only explicit file
names?

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve

Jeff,

> Is there a wildcard means of doing it, or is it only explicit file
> names?

From help<g>...
> String that specifies the path and file name of a file to code-sign (this can include the wildcards "*" and "?").

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Enhanced Reporting: http://www.cpcs-inc.com

Thanks Lee. You're better than Google.

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve

Of course - he uses Forte <g>

J André Labuschagné

That's one of the 2000 reasons that he's likeable.

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve

Hi Jeff,

> I just would like to know the best practice within SB7 in order to
> accomplish the signing, knowing that I followed your (Jane's) Comodo
> purchase instructions and downloaded the file(s)

What I do is I don't have this in the SB script that builds the install. I
have this in a separate script that does nothing but code sign the dlls/exes
before they are moved to deployment folders. This way I can easily code
sign the whole mess on my computer after recompiled.

I use BA to do all my builds so I simply compile this code signing script
before I start copying files to deployment folders and then compile the
install script:)

This way I separate the code signing from the build process so it's easy for
me to code sign the whole mess if needed without doing a full rebuild. BA
takes care of calling the code signing when needed during deployment:)

Best regards

--
Arnór Baldvinsson - Icetips Alta LLC
Port Angeles, Washington
www.icetips.com - www.buildautomator.com - www.altawebworks.com
Icetips product subscriptions at http://www.icetips.com/subscribe.php

Hi Arnor

Neat - reminds me - need to update our subscription.

Cheers
Andre