Code Sign error

kkolo · #1 04-11-2012, 03:17 PM

I have a Code-Sign Application directive at the top of my script (see attached screen shot of the dialog).

I am getting an error at the end of the compile ...

------------------------------- Compilation finished -------------------------------

Processing post compilation tasks...
Code-signing: C:\DropBox\Installers\SetupBuilder\FULL\Setup.exe
SIGNCODE
Compiler warning GEN1061: File not found:
Compiler warning GEN1061: File not found:
Compiler error GEN1053: Code signing process failed. Error Code: -1

--------------------------------------- Done ---------------------------------------

i double checked the password for the .pfx

And the file C:\DropBox\Installers\SetupBuilder\FULL\Setup.exe does exist.

Any advice?

- Kathy

linder · #2 04-12-2012, 02:08 AM

Kathy,

Yes. You tried to code-sign with your .PFX , but you are using "SIGNCODE". Signcode.exe makes use of the .PVK/.SPC files. So you forgot to switch to "SIGNTOOL" ;-) Switch to signtool.exe and you are done.

Tools | Options... | "File Locations" tab (see attached screenshot).

Does this help?

Friedrich

linder · #3 04-12-2012, 04:52 AM

Kathy,

And a quick note: please do NOT use the preprocessor directive to code-sign your setup.exe!!!!

Please use "General Information" -> Digital Signature (see attached screenshot). This will automatically code-sign your install and uninstall application!

You can use the compiler directive to code-sign external files (e.g. your own app.exe or DLLs, etc.).

Friedrich

kkolo · #4 04-12-2012, 09:22 AM

Thanks for the information. I'm still having an issue though..

I set up the General Information Code sign (see attached)
and under Tools | Options File Locations I set what looks right - but, maybe I am missing something.

At any rate the Uninstall.exe appears to be codeSigned but the Setup.exe is not.

What am I doing wrong?

- Kathy

linder · #5 04-12-2012, 10:52 AM

Kathy,

If your uninstall.exe is code signed then the setup.exe is code signed as well.

Why do you think that your setup.exe is not signed?

Friedrich

kkolo · #6 04-12-2012, 11:04 AM

Because when I go to the Setup.exe - and right click - Properties - there should be a 'Digital Signatures' tab with the code-signing information. But, there is not.

- Kathy

kkolo · #7 04-12-2012, 11:09 AM

Also,

I just checked the Uninstall.exe and it also is not actually code-signed.
There is no 'Digital Signatures' tab and when I run it - next to Publisher -- it says 'Unknown'

linder · #8 04-12-2012, 11:47 AM

Kathy,

I think you are checking the wrong file(s). And in your "Executable File [EXENAME]" you are still using a runtime variable (%_SB_RELEASEID%). Runtime variables are only available (and resolved) at installer runtime, not at compile time!

Next problem I see is your use of [INSTALLDIR]. You set "Installation Directory [INSTALLDIR]" to [INSTALLDIR]. That is not possible because you try to define a compiler variable with itself ;-) What you can do is to set "Installation Directory [INSTALLDIR]" to [MY_INSTALLDIR] and programmatically set the value of [MY_INSTALLDIR] which defines the [INSTALLDIR] value.

Does this help?

Friedrich

linder · #9 04-12-2012, 11:53 AM

See attached screenshot. If you set "Executable File [EXENAME]" to "%_SB_RELEASEID%.exe" then the compiler will generate a "%_SB_RELEASEID%.exe" file and not a "setup.exe"

Friedrich

linder · #10 04-12-2012, 12:18 PM

Aha, wait. And set "Media Type" to "Single-file image". Don't use the CD-ROM option any longer in the modern UAC-world. This will then code-sign both the setup.exe and the uninstall.

And if you really have to create multiple volumes, use the "Custom (for UAC-aware systems) Media Type option.

Friedrich

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)