We are doing something wrong. I checked our myProgram.exe file after code
signing the installation package
and realized the myProgram.exe file is not code signed. We do not get any
errors when code signing the installation
package.

The setup.exe is code signed with the digital certificates. There is nothing
in the myProgram.exe.
What can be the issue??

Thanks in advance
Ken

Ken,

> The setup.exe is code signed with the digital certificates. There is nothing
> in the myProgram.exe.
> What can be the issue??

Did you code sign the program EXE using "#code-sign application" from
within the SB script?

Lee White

> Did you code sign the program EXE using "#code-sign application" from
> within the SB script?

Forgot to mention that you should sign any DLL's you compile yourself
as well as the EXE.

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

> Forgot to mention that you should sign any DLL's you compile yourself
> as well as the EXE.

Also keep in mind that you should add a manifest to the EXE, and only
the EXE, before you code sign it.



My eyes are causing me a lot of grief today... it's time to quit!<g>

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

We are doing what you recommended. Still no luck...

Ken Stone

SEE BELOW....

------ Build started: Project: setup.sb7, Configuration: Release Win32 ------
------ Date/Time: 02/21/2018 -- 03:25:10PM

------ SetupBuilder (tm) Project Script Compiler and Linker for Windows
------ Copyright (c) 1997-2017 Lindersoft
------ SetupScript (tm) Installation Script Language
------ Copyright (c) 2003-2017 Lindersoft
------ All rights reserved.

------ Developer Edition 2017 Version 10.0.5710
------ SetupBuilder (SB/EXE) Compiler Version 10.0.5710

Waiting for SKU Management configuration information...
Init Globals...
Set Media Type: Single-file image
Verify Code-Signed Install at Startup: DISABLED
OK
Writing Objects...
OK
Compiling...
setup.sb7
Init Standard Variables...
Performing pre-checks...
#pragma loaded: CODESIGN_SHA
#pragma CODESIGN_SHA = 12
#pragma loaded: CODESIGN_TSSHA1URL
SHA1 timestamp server defined
#pragma CODESIGN_TSSHA1URL = http://timestamp.comodoca.com/authenticode
OK
Timestamp server(s)...
SHA-1: http://timestamp.comodoca.com/authenticode
SHA-2: http://timestamp.globalsign.com/?signature=sha2
Type : 12
Script format version detected: 10.0.5452
Recursive compile (0:30): Common Definitions.sbi
#pragma loaded: MINVER
Finished
Continue (0:1:31):
C:\Clarion10\Apps\Version63\Acmswin\479\Update\Acm swin\withoutHelp\Payroll\setup.sb7
Embed Manifest (Preprocessor)...
Manifest embedded successfully [backup]:
C:\Clarion10\Apps\Version63\Acmswin\479\payroll.ex e
Adding Digital Certificate II (Preprocessor)...
SIGNTOOL: C:\Clarion10\Apps\Version63\Acmswin\479\payroll.ex e
SVER: 10.0.10240.16384
SHA1: 0
SHA2: 0
Code signed successfully: C:\Clarion10\Apps\Version63\Acmswin\479\payroll.ex e
Script(s) processed
Generating Code...
OK
Building executable...
Approx. Stub size: 24,235 bytes
Linking kernel...
Code size: 156,847 bytes
Generating and optimizing [1033] string resources [@2]...
Processing external file [1]: C:\Clarion5\APPS\AcmsWin\manual\License Agreement.rtf
OK
Linking [1033] language resource(s)...
Code size: 11,649 bytes
Linking dialog side bitmap...
Code size: 2,761 bytes
Linking dialog top bitmap...
Code size: 484 bytes
Including 2 core service file(s)...
Compressing file: C:\Program Files (x86)\Lindersoft\SetupBuilder 10
Developer\Images\sbInstall2.bmp
Code size: 25,171 bytes
Compressing file: C:\Program Files (x86)\Lindersoft\SetupBuilder 10
Developer\Images\sbInstall.bmp
Code size: 20,131 bytes
Linking Uninstall Script...
Code size: 288 bytes
Preparing Uninstaller Code-Signing...
OK
Calculating Feature and Type sizes...
OK
Resolving compiler variables...
OK
Analyzing installation script (protection mode)...
OK
Linking installation script...
Code size: 2,085 bytes
Linking loader...
PECVER: 4.0.4.0
Resum00 executed
Compile Version Resource...
Code size: 16,896 bytes
Add SZDD stamp @ 7692
Linking decompression library...
Code size: 9,387 bytes
Processing Uninstall Code-Signing...
Adding Digital Certificate to Uninstall...
Resolve CSI...
SIGNTOOL
SVER: 10.0.10240.16384
SHA1: 0
SHA2: 0
Successfully code signed Uninstall Object
Process File Overhead Extraction
OK
Generating Uninstall Delta [8000]...
34 byte-mods applied
Signature source added [12388:6425]
Signature patch added
OK
Finalizing application...
Adding Digital Certificate...
Resolve CSI...
SIGNTOOL:
C:\Clarion10\Apps\Version63\Acmswin\479\Update\Acm swin\withoutHelp\Payroll\Setup.exe
SVER: 10.0.10240.16384
SHA1: 0
SHA2: 0
Code signed successfully
Code Signing Certificate Expiration Date: 01/16/2021 - 1060 day(s)
Extended Information: T&S Consulting, LLC - 57 ce aa 58 a9 8b f9 af a6 81 ee
ad 27 30 b2 9a
Terminating CSigning Process...[0]
OK
Generating HTML report...
C:\Clarion10\Apps\Version63\Acmswin\479\Update\Acm swin\withoutHelp\Payroll\Setup.htm
OK
Generating CSV report...
C:\Clarion10\Apps\Version63\Acmswin\479\Update\Acm swin\withoutHelp\Payroll\Setup.csv
OK

--------------------------------------- Done ---------------------------------------

setup.sb7 - Setup.exe - 0 error(s), 0 warning(s), 1 file(s) code-signed

Total file(s) : 2
Total data size: 34,897,560 bytes (33.28 MB)
Total .exe size: 26,280,464 bytes (25.06 MB)

Location:
C:\Clarion10\Apps\Version63\Acmswin\479\Update\Acm swin\withoutHelp\Payroll\Setup.exe

Compilation Time: 14.42 sec.
Date/Time: 02/21/2018 -- 03:25:25PM

------------------------------- Compilation finished -------------------------------


Ken Stone

>We are doing something wrong. I checked our myProgram.exe file after code
>signing the installation package
>and realized the myProgram.exe file is not code signed. We do not get any
>errors when code signing the installation
>package.

There is a checkbox in SB somewhere (cannot remember as 12 months since I used SB)
that you set/unset so that you only codesign a copy of the exe which ends up inside
the install. It leaves your original alone. Check your settings where you call the
exe codesign within your script.

JohnG

See screenshot...

JohnG

John,

> See screenshot...

You beat me to it. I was going to ask if Ken was checking the
installed EXE or the locally compiled EXE and mention that option.

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Lee

8-) Rare event for me to beat you. Hope your eye treatment goes well.

John


>You beat me to it.

We checked the permanent as suggested. Still no digital signature added to
myProgram.exe file....

Ken Stone

> We checked the permanent as suggested. Still no digital signature added to
> myProgram.exe file....

Hi Ken,

Now that you have it checked try replacing the copy being used by the
installer with a fresh compiled version (delete the current one and then
replace it).

It may be skipping it.

Charles


--
-------------------------------------------------------------------------------------------------------
Charles Edmonds

cjeByteMeSpammers@lansrad.com (remove the "ByteMeSpammers" to email me)
www.clarionproseries.com - ProDocument, ImageEx, ProScan, ProImage, ProPath
and other Clarion developer tools!
www.seal-soft.com - The xProduct Clarion templates - xWordCOM, xToolTip,
xDataBackup Manager and more!
www.ezchangelog.com - "Free ChangeLog software to manage your projects!"
www.setupcast.com - "A revolutionary new publishing system for software
developers - enhanced for SetupBuilder users!"
www.ezround.com - "Round Corner HTML tables with matching Banners, Buttons
and Forms - Now with PNG support!
www.lansrad.com - "Intelligent Solutions for Universal Problems"
www.fotokiss.com - "World's Best Auction Photo Editor"
-------------------------------------------------------------------------------------------------------

Hi Ken

>We checked the permanent as suggested. Still no digital signature added to
>myProgram.exe file....

Looking at your script output, I see [backup] for the Manifest output. This looks like
you need to also add the [x] permanent setting to your manifest setting within SB.


see screenshots...

JohnG

That fixed the issue. Thanks to everyone for your advise.

Love this community,
Ken Stone & Staff

Great news.

One small tick for SetupBuilder,
One giant leap for Clarion Programmers

<g>

John Griffiths

Hi John,

> Looking at your script output, I see [backup] for the Manifest output. This looks like
> you need to also add the [x] permanent setting to your manifest setting within SB.

Curious: Why does the setting for the manifest affect the code signing?
I always do my own manifests so I'm not familiar with it in SB.

Best regards,

--
Arnor Baldvinsson
Icetips Alta LLC

G'day Arnor

I don't know why. Maybe is is a threading issue within SB, or perhaps the PC was doing
some caching, and the interim file was being codesigned, then clobbered when the
manifest was completed. That may be a question for the Wizard Master( = Friedrich) !

I always did all my manifests using SB, and always permanent. Then codesigning just
worked.

John