Changing the Timestamp Server for Digital Signatures

InstallShield 2022

Project:This information applies to the following project types:

Basic MSI
InstallScript
InstallScript MSI
InstallScript Object
Merge Module
QuickPatch

When you specify digital signature information for a release, InstallShield uses DigiCert’s server (http://timestamp.digicert.com) as the default timestamp server during builds. InstallShield includes a machine-wide setting that lets you replace that default server with a different timestamp server. The setting also lets you disable timestamping.

InstallShield 2019 R2 and later supports adding a delay between the successive digital signing, this requires only if the timestamp server fails handle the successive signing requests.

Required to specify the <DelayBetweenSigning default="1500"/> node in the settings.xml, under <DevStudio/Build> node in Settings.xml in milliseconds.

Caution:The following instructions require that you modify the Settings.xml file that is installed with InstallShield. This file contains critical data; if it is edited incorrectly, it can cause InstallShield to fail to work. Use extreme care when editing this file.

To configure the timestamp server for digital signatures:

1. Close InstallShield.
2. Find the Settings.xml file that is installed with InstallShield. Settings.xml is installed in one of the following locations, depending on which language version of InstallShield you are using:
EnglishInstallShield Program Files Folder\Support\0409
JapaneseInstallShield Program Files Folder\Support\0411
3. Create a back-up copy of the Settings.xml file, in case you later need to revert to the original version.
4. Use a text editor or XML file editor to open the Settings.xml file.
5. Search for the <DigitalSignature> element. It looks something like this:

<DigitalSignature Timestamp="http://timestamp.verisign.com/scripts/timstamp.dll"/>

6. To override the timestamp server with a different one, set the value of the Timestamp attribute to the appropriate URL.

To disable timestamping, use an empty value for the Timestamp attribute:

<DigitalSignature Timestamp=""/>

Note:Disabling timestamping may affect how long your digital signature is considered to be valid.

7. Save the Settings.xml file.
8. Ensure that your XML code is well formed; if it is not well formed, you may have problems using InstallShield. In most cases, you can identify improperly formed XML code by opening the Settings.xml file in Internet Explorer. You should be able to expand and contract the major elements of the file; if you cannot, check the code for errors.

In InstallShield 2019 and later, the timestamp server is set to a SHA-2 server to:

<DigitalSignature Timestamp="http://sha256timestamp.ws.symantec.com/sha256/timestamp"/>

Whenever you build a release that includes digital signature information, InstallShield sets the timestamp according to the setting that you configured.

Tip:If you use the Standalone Build to build a release, update the Settings.xml file that is installed with the Standalone Build. Settings.xml is installed in one of the following locations, depending on which language version of InstallShield you are using:

EnglishStandalone Build Program Files Folder\Support\0409
JapaneseStandalone Build Program Files Folder\Support\0411

See Also