Replies: 3 comments 1 reply
-
Please create and share a minimum example repos and I'll see what I can work out. |
Beta Was this translation helpful? Give feedback.
-
This is probably the minimum project code required where the Digital SourceFile attribute references the digital certificate, in this example Acme.cer. Now of course HSM digital certificates are locked away and I'd use Azure Sign tool to actually code sign the compiled msi and msp. Example: Taken from: Dummy Project: `
In the Hotfix project you'd just reference the certificate:
|
Beta Was this translation helpful? Give feedback.
-
The .cer file is just the public key of your cert. It should be trivial to build an MSI, sign it and then export the .cer from that MSI and check it into source to use in the wxs. I misread and thought you were using azure trusted signing. With that they rotate the cert every couple days. So it might be needed to extract the .cer from signed DLL/EXE files prior to building the MSI. Even then the new build wouldn't match the old build..... my brain hurts thinking about it. Personally I stay away from MSP and just break my MSI down into micropackages and use burn to service them if a customer has a very large MSI and is concerned about bandwidth when servicing them. |
Beta Was this translation helpful? Give feedback.
-
Embedding the older style certificates was easy, but now these new HSM certificates in my case reside in Azure Key Vault and no physical file.
How do I now get these into the respective tables?
This is not about codes signing the msi/msp or exe.
Beta Was this translation helpful? Give feedback.
All reactions