http://neilsleightholm.blogspot.de/2012/05/wix-burn-tipstricks.html
About signing:
I created several .wixproj files for msbuild compilation. But to get signing to work, i had to do the following (this is probably just one way to do it):
Wix projects by default call a wix.targets task, which has many msbuild tasks for building the msi/merge modules, whatever with the installed wix version. It also holds an abstract task which you can redefine/redirect to sign you stuff.
To sign msi and cab packages:
<Target Name="SignCabs"> <Exec Command="$(signToolCall) "%(SignCabs.FullPath)"" /> </Target> <Target Name="SignMsi"> <Exec Command="$(signToolCall) "%(SignMsi.FullPath)"" /> </Target>
To sign BURN bootstrapper:
<Target Name="SignBundleEngine"> <Exec Command="$(signToolCall) "@(SignBundleEngine)"" /> </Target> <Target Name="SignBundle" > <Exec Command="$(signToolCall) "@(SignBundle)"" /> </Target>
And most important: each .wixproj file must have a property called (it does not matter in which property group you push that):
<PropertyGroup> <!-- this makes wix sign everything it can --> <SignOutput>true</SignOutput> </PropertyGroup>
To streamline everything, just put this one line into your .wixproj file:
<Import Project="$(WixTargetsPath)" /> <!-- the WixTargetsPath line already exists. add your default targets file to your .wixproj targets --> <Import Project="..\Default.targets" />
And to round everything up, here's my complete Default.targets file with methods to find the ProgramFiles (x86) directory and the windows installer SDK directory:
- <?xml version="1.0" encoding="utf-8"?>
- <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
- <PropertyGroup>
- <!--MSBuild 4.0 property-->
- <ProgramFiles32>
- $(MSBuildProgramFiles32)
- </ProgramFiles32>
- <!--Use OS env var as a fallback:- 32 bit MSBuild 2.0/3.5 on x64 will use this-->
- <ProgramFiles32 Condition=" '' == '$(ProgramFiles32)'">
- $(ProgramFiles%28x86%29)
- </ProgramFiles32>
- <!-- Handle MSBuild 2.0/3.5 running in 64 bit mode - neither of the above env vars are available. http://stackoverflow.com/questions/336633
- NB this trick (Adding a literal " (x86)" to the 64 bit Program Files path) may or may not work on all versions/locales of Windows -->
- <ProgramFiles32 Condition ="'$(ProgramFiles32)'=='' AND 'AMD64' == '$(PROCESSOR_ARCHITECTURE)'">
- $(ProgramFiles) (x86)
- </ProgramFiles32>
- <!--Catch-all - handles .NET 2.0/3.5 non-AMD64 and .NET 2.0 on x86 -->
- <ProgramFiles32 Condition=" '' == '$(ProgramFiles32)' ">
- $(ProgramFiles)
- </ProgramFiles32>
- <!-- some important directories -->
- <ProductsDir Condition=" '$(ProductsDir)' == '' ">
- $(MSBuildThisFileDirectory)..\Products\
- </ProductsDir>
- <msiDir>
- "$(ProgramFiles32)\Microsoft SDKs\Windows\v7.0A\bin\"
- </msiDir>
- <!-- signtool configuration -->
- <signTool>
- $(msiDir)signtool.exe
- </signTool>
- <timeStampServer>
- http://timestamp.verisign.com/scripts/timestamp.dll
- </timeStampServer>
- <signKey>
- "$(ProductsDir)your_key_file.pfx"
- </signKey>
- <uniformResourceLocator>
- www.your_web_adress.com
- </uniformResourceLocator>
- <signToolCall>
- $(signtool) sign /f $(signKey) /p smokey11 /du $(uniformResourceLocator) /t $(timeStampServer)
- </signToolCall>
- </PropertyGroup>
- <PropertyGroup>
- <!-- this makes wix sign everything it can -->
- <SignOutput>true</SignOutput>
- </PropertyGroup>
- <Target Name="SignCabs">
- <Exec Command="$(signToolCall) "%(SignCabs.FullPath)"" />
- </Target>
- <Target Name="SignMsi">
- <Exec Command="$(signToolCall) "%(SignMsi.FullPath)"" />
- </Target>
- <Target Name="SignBundleEngine">
- <Exec Command="$(signToolCall) "@(SignBundleEngine)"" />
- </Target>
- <Target Name="SignBundle" >
- <Exec Command="$(signToolCall) "@(SignBundle)"" />
- </Target>
- </Project>
Hey Jakob, thank you so much for that post. It just made my day ;-)
AntwortenLöschen