DistillingExperts
asked on
How to sign a Installshield file?
Hi,
I am generating an installation file using Installshield. Inside this file I have a componet that requires a key for the end user. When trying to install my software with a Janus component, users receive the following message:
"This application is using an unregistered component from Janus Systems."
Is there a possibility to sign this component in the moment I am creating it in Installshield?
I have the key for the installation when I use Janus in development environment, but wouldn't like my user to have to install it and also to have the key for the third-party software (Janus).
Thank you in advance.
I am generating an installation file using Installshield. Inside this file I have a componet that requires a key for the end user. When trying to install my software with a Janus component, users receive the following message:
"This application is using an unregistered component from Janus Systems."
Is there a possibility to sign this component in the moment I am creating it in Installshield?
I have the key for the installation when I use Janus in development environment, but wouldn't like my user to have to install it and also to have the key for the third-party software (Janus).
Thank you in advance.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
_This_ is the type of the problem that indeed can be affected by signing the installation by certificate obtained from public trusted authority. See http://en.wikipedia.org/wiki/Code_signing for more information.
The following link
http://social.answers.microsoft.com/Forums/en-US/w7security/thread/bea30ad8-9ef8-4897-aab4-841a65f7af71
provides the algorithm of what UAC is looking at when the setup is launched. As you can see however, when you sign the installation, UAC will still warn the user, only then it will tell who has signed it.
It should be noted that the fact that specific product has been signed by digital signature, does help in establishing the identity of the author of the product, however it does not certify that the product is good, not malicious, etc. (other than the assumption that hackers usually tend to remain anonymous). The article from Wikipedia I linked above also mentions this.
The following link
http://social.answers.microsoft.com/Forums/en-US/w7security/thread/bea30ad8-9ef8-4897-aab4-841a65f7af71
provides the algorithm of what UAC is looking at when the setup is launched. As you can see however, when you sign the installation, UAC will still warn the user, only then it will tell who has signed it.
It should be noted that the fact that specific product has been signed by digital signature, does help in establishing the identity of the author of the product, however it does not certify that the product is good, not malicious, etc. (other than the assumption that hackers usually tend to remain anonymous). The article from Wikipedia I linked above also mentions this.
ASKER
It was fixed by using this:
http://msdn.microsoft.com/en-us/library/8s9b9yaz(VS.80).aspx
http://msdn.microsoft.com/en-us/library/8s9b9yaz(VS.80).aspx
ASKER
Now I am getting another message only in Windows 7:
"Do you want to allow the following program from an unknown publisher to make changes to this computer"?
Any clue on how do I remove this message?
Thank you in advance.