On my machine, I’m using a signed application with an installed certificate to get a trusted publisher dialog from Windows. I’ve created a certificate with makecert.exe and installed it to the certification store in windows. From there, I’ve exported the PFX and signed with signtool.exe my application. In order to get the same trusted publisher dialog on another machine, a certificate is necessary. Instead of installing the certificate by hand, an installer should accomplish the importation of the certificate. Unfortunately, the windows installer doesn’t support this f开发者_运维技巧eature. Because of that, I’m looking for a solution like a classical API command in windows. Is there something built-in in windows to make it easier or something comparable?
To install certificate with respect of MSI setup you have to use custom actions. If you not familiar with custom actions I recommend you to use the simplest custom action which allows you to start an exe. It can be an existing utility like CertUtil.exe (see here some examples and try certutil -importPFX -?
to see help about the import of PFX files).
精彩评论