Automatic account creation is now enabled. Captcha authentication required for account creation and editing unless you are trusted here.
Certificates and WiX
From WiX Wiki at MindCapers
Contents |
Certificates in WiX v3
<Certificate> isn't just for SSL certificates any longer. It's just stuck in the IIS extension because that's where it came from... it'll install normal certificates just fine. I do it all the time in Windows Marketplace.
If you need to install certificates, WiX has the <iis:Certificate> element. While intended for installing web server SSL certificates, I believe it's also capable of installing user certificates.
Assemblies and Certificates
Here is the process for installing an assembly and certificate using Visual Studio 2005. Some steps may have to be addapted depending on the environment.
Create a Key
First you have to create a key if you don't have one already:
makecert -n "CN=<CompanyName>" -sv <PVKFile.pvk> <CertificateFile.cer> -len 2048 -r pvk2pfx.exe -pvk <PVKFile.pvk> -spc <CertificateFile.cer> -pfx <PFXFile.pfx> [-po Password] pktextract <CertificateFile.cer>
The password, if any, will be the one you enter for the first step. The last step generates the public key token you'll be needing later.
Create a Manifest File
You'll need a manifest file, you can write it yourself or take the easy way out by compiling the project once after going to project properties and selecting General->Manifest. Set the Assembly Identity to:
<DllName>, type=win32, version=<VersionNumber>, processorArchitecture=X86, publicKeyToken=<PublicKeyToken>
- DllName is the name without the extension
- VersionNumber is of the form 1.2.3.4
- PublicKeyToken is the one you got from pktextract
Ensure that you have "Embed Manifest" under "Input and Output" set to no for this first time.
Depending on the compiler you're using you may need to edit the resulting manifest file and add the line
<file name="dllFile.dll" hash="0000000000000000000000000000000000000000" hashalg="SHA1"/>
before any dependency elements. The file name is the final name of the file, with the extension. The value of the hash bit is unimportant because it will be overwritten later. You can save the resulting manifest file and reuse it for the following steps multiple times as long as none of the fundamental values change (file name, version number, encryption key, etc.).
You then run
mt.exe -manifest <dllFile.dll.manifest> -hashupdate -makecdfs
which updates the hash value and creates a cdf ffile. Next you run:
makecat -v <dllFile.dll.manifest.cdf>
to create the cat file. Finally you run:
signtool sign /f <PFXFile.pfx> [/p password] /t http://timestamp.verisign.com/scripts/timestamp.dll <dllFile.dll.cat>
to sign the catalog file using the key.
Now the wix bit, which I had a lot of trouble with and sent a couple messages to the list about without resulting in much progress. Once I figured out what the missiing bits were however it turned out to be pretty simple:
<Component Id="DllComponent" Guid="MYGUID-#############">
<File Id="ManFile"
Name="dllFile.man"
LongName="dllFile.dll.manifest"
src="Path\dllFile.dll.manifest"
Vital="yes"
DiskId="1">
</File>
<File Id="CatFile"
Name="dllFile.cat"
LongName="dllFile.dll.cat"
src="Path\dllFile.dll.cat"
Vital="yes"
DiskId="1">
</File>
<File Id="DllFile"
Name="dllFile.dll"
LongName="dllFile.dll"
KeyPath="yes"
src="Path\dllFile.dll"
Vital="yes"
DiskId="1"
Assembly="win32"
AssemblyManifest="ManFile">
</File>
</Component>
And of course finally once you've installed your new assembly you need to reference it in any other projects that will be using it by going to Project Options->Linker->Manifest File->Additional Manifest Dependencies and adding
type='win32' name='<DllName>' version='<VersionNumber>' processorArchitecture='X86' publicKeyToken='<PublicKeyToken>' language='*'
