Digitally Sign Setup Dialog Box
InstallShield 2024
The Digitally Sign Setup dialog box is displayed when you click Digitally Sign Setup on the Build Installation page of the Project Assistant. This dialog box enables you to assure your end users that the code within your application has not been modified or corrupted since publication.
|
Setting |
Description |
|||||||||||||||||||||||||||||||||
|
Digitally sign setup |
To digitally sign your installation, select this check box The other settings on this dialog box are enabled when you select this check box. |
|||||||||||||||||||||||||||||||||
|
Certificate URL |
Type a fully qualified URL—for example, http://www.mydomain.com. This URL is used in your digital signature to link to a site that you would like end users to visit to learn more about your product, organization, or company. |
|||||||||||||||||||||||||||||||||
|
Digital certificate information |
To specify the digital certificate that you want to use to sign your release, click the ellipsis button (...) next to this setting. The Certificate Selection dialog box opens, enabling you to specify either the location of the .pfx file, certificate file (EV exported .cer file), or information about the certificate store that contains the certificate. InstallShield provides an option to encrypt and store an EV token password in the project file using the public key certificate (.cer) file. The .cer file is generally created by exporting a public key from the EV Authentication Client tools associated with a USB eToken provider (for example, SafeNet Authentication Client). InstallShield displays additional options to configure the Extended Validation (EV) certificate properties if the .cer file is specified. For more details, see:
After specifying the .pfx file or choosing the certificate from test store, the below will be displayed:
After specifying the certificate file (EV exported .cer file), the below settings will be displayed:
Note:Note the following informations while utilizing the settings that appear after specifying the certificate file (EV exported .cer file):
|
|||||||||||||||||||||||||||||||||
|
Password |
If the .pfx file that you are using has a password, enter it. InstallShield encrypts the password and stores it in your project file (.ism). At build time, InstallShield uses the password to sign files with a .pfx file. If your certificate is protected by a password but you do not enter it in this setting, signing with a .pfx file fails. Note that if you configure your project to use a certificate that was imported with password protection into a store, Windows prompts for the password at build time when InstallShield is attempting to sign your project’s files. The strong key protection that Windows uses does not permit InstallShield to provide the password to the cryptographic provider. |
Tip:The Signing tab in the Releases view lets you specify which portions of your installation should be digitally signed at build time. InstallShield enables you to sign any and all of the following files in a release, depending on what type of project you are using:
| • | Windows Installer package (.msi file) for Basic MSI and InstallScript MSI projects |
| • | Merge module package (.msm file) for Merge Module projects |
| • | Setup.exe file for Basic MSI and InstallScript MSI projects |
| • | Media header file for InstallScript projects |
| • | Package (self-extracting single-executable file) for InstallScript projects |
| • | Any files in your release, including your application files |
To learn more, see Digitally Signing a Release and Its Files at Build Time.
Windows Logo Guideline:All executable files (including .exe, .dll, .ocx, .sys, .cpl, .drv, and .scr files) in an installation must be digitally signed for the Windows logo program.
See Also