Groups | Blog | Home
all groups > dotnet sdk > february 2007 >

dotnet sdk : signcode & vista


David Thielen
2/14/2007 8:57:05 PM
Hi;

I strongname all of my .NET DLLs and .EXEs. I signcode all DLLs, EXEs, and
my MSI - even the non .NET ones.

When installing on Windows XP it all works as expected. But on Vista I think
it wants more. I get prompted during setup on my bootstrapper.exe program:
Ins7A3A.tmp
Windward Studios Inc.
\\ariel\c\src\InstallAutoTag.exe

Shouldn't it have more info from the signcode? and why the temp directory
listing? What this .exe is is a self-extracting zip that extracts the
bootstrapper.exe and the setup.msi it calls when done.

And then when uninstalling - which is all run off of the msi (built with
WIX) I get:
"An unidentified program wants to access your computer
Unidentified Publisher
Update
4.1.47
Windward Studios
English (United States)


Am I missing something new needed?

--
thanks - dave
david_at_windward_dot_net
http://www.windwardreports.com

Cubicle Wars - http://www.windwardreports.com/film.htm

wawang NO[at]SPAM online.microsoft.com
2/15/2007 12:00:00 AM
Hi Dave,

This is due to Vista has tighter security restriction on the publisher
certificates. The persence of a certificate by itself doesn't make the
signed file more safer. The point here is that third parties like VeriSign
(http://msdn2.microsoft.com/en-us/library/ms995347.aspx) that a certificate
is authentic and that you're who you claim to be.

As for the temp directory, I think it's because the files being installed
are first extracted to the temporary; and when installing it, the MSI
engine knew the files are signed but the publisher is not verified,
therefore it prompts the files to user.

For more information, please refer to:

#Certified for Windows Vista Requirements
http://download.microsoft.com/download/8/e/4/8e4c929d-679a-4238-8c21-2dcc8ed
1f35c/Windows%20Vista%20Software%20Logo%20Spec%201.1.doc


Regards,
Walter Wang (wawang@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
David Thielen
2/20/2007 10:20:08 AM
Hi;

Our certificate is from Verisign. And I read the doc you pointed at - I
didn't see anything there that was relevant to this.

Any other ideas? The program is at
http://www.windwardreports.com/downloads/InstallWindwardArrow.exe

--
thanks - dave
david_at_windward_dot_net
http://www.windwardreports.com

Cubicle Wars - http://www.windwardreports.com/film.htm




[quoted text, click to view]
David Thielen
2/20/2007 10:30:03 PM
Hi;

I just checked again, the self-extracting zip, bootstrapper, and msi are all
signed with our certificate from verisign. Did you see something different?

--
thanks - dave
david_at_windward_dot_net
http://www.windwardreports.com

Cubicle Wars - http://www.windwardreports.com/film.htm




[quoted text, click to view]
wawang NO[at]SPAM online.microsoft.com
2/21/2007 12:00:00 AM
Yes the self-extracting package, the .msi and bootstrapper.exe inside the
package are signed. However, the WindwardArrowSystemSetup.exe inside the
self-extracting package is not signed, is this program used upon installing?


Regards,
Walter Wang (wawang@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
wawang NO[at]SPAM online.microsoft.com
2/21/2007 12:00:00 AM
Hi Dave,

To your first question, it's because the bootstrapper self-extracting exe
will also need to be signed. Your .MSI is signed and if executed directly,
there's no warning issued. The .tmp file is just happen to be the extracted
file in the temp directory which is executing now.


For the uninstalling issue, we're sorry that it's a known and confirmed
issue of Vista:

#Aaron Stebner's WebLog : UAC prompt from unidentified publisher appears
when uninstalling MSIs on Windows Vista
http://blogs.msdn.com/astebner/archive/2006/12/03/uac-prompt-from-unidentifi
ed-publisher-appears-when-uninstalling-msis-on-windows-vista.aspx


Hope this helps.


Regards,
Walter Wang (wawang@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

David Thielen
2/21/2007 2:10:13 PM
Oh wow - we missed that - thanks

--
thanks - dave
david_at_windward_dot_net
http://www.windwardreports.com

Cubicle Wars - http://www.windwardreports.com/film.htm




[quoted text, click to view]
Got something to say? Click here to post a reply to this thread.
Don't see what you're looking for? Try a search.
View other messages about dotnet sdk
AddThis Social Bookmark Button
View Other Months
June 2003
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
home · blog · groups Questions? Comments? Contact the dn