I am trying to install a PKCS#11 module into Mozilla Firefox via an MSI setup application. After doing some search through the internet, I bumped into the modutil tool which has a wide variety of responsibilities especially in my case for installing / uninstalling the PKCS#11 module to NSS security databases. I downloaded the latest source code of modutil and built it using MozillaBuild.
Also, I writing a C code to add module to database using secmod_addnewmodule, which returns "-1" as a error.
Following is my code to add module where configdir is the path to secmoddb database.
int rv = NSS_Initialize(configdir, "", "", SECMOD_DB, NSS_INIT_FORCEOPEN );
hr = SECMOD_AddNewModule("test","D:\\Pkcs\\PKCS11_VSC.dll",internalMechanismFlags,internalEnableFlags);
Does anybody know how I can overcome this issue, and is there any unseen aspect to work with this utility. Also, is there a solution to install/uninstall pkcs#11 module for all user profiles with one common process. Finally, is there a better solution to do the task of installation using my setup. I am using WiX Toolset to create MSI setup
if NSS_Initialize fails to open secmod database we cannot add the module to database.
the nss library automatically takes the default flags required for adding database.
secmod _deletemodule deletes the module which is added to the database.
Related
I am trying to install DB2 ibm data server client(version 11.1), silent install in my windows server. i am using response file for the installation. I gave the path in response file to install in D drive, but still it is installing in C drive only. the command i was using is: msiexec /i "MSI path" /q /l*v "log file path" RSP_FILE_PATH="response file path".
Check the following:
Installing Db2 products and features using a response
Some notes on MSI customization in general below.
And a link to the most commonly used library of packaging tips contributed by packagers:
https://www.itninja.com/software-library/company/ibm
Different Designs: The exact mechanism used to redirect a folder like that depends on the design of the application and the setup from the vendor, they often do something very non-standard so reverse engineering their solution fully or slightly is usually neccessary.
Itninja.com: Maybe have a look if you can find the software here in the itninja.com "software tips" section: https://www.itninja.com/software-library/company/ibm - this is a collection of comments people have made who have packaged and deployed the software in question - either unsuccessfully or successfully. I can't really tell what the exact product name is, please check.
Download: If you have a download link that is publicly accessible I can have a quick look at the MSI to determine how it is set up. Please be aware that it is much better to install an MSI directly via normal configuration mechanisms (setting public properties and / or creating a transform - sample here) than to run a setup.exe with response file (which sometimes is the only possibility depending on the overall deployment design).
How to make better use of MSI files
A couple of quick overviews:
How to parameterize msi file from electron builder
MSI Repackaging - free tool
And some further links for reference:
Change the value of a MSI property loaded from a DLL using a MSI transform
How to run an installation in /silent mode with adjusted settings
I have a created a simple wpf desktop application which uses sqlite as embeddable database.Now I need to create the setup file. I created it using InstallShield. the file successfully installed without any errors. But when I try to run the application, nothing happens. Neither an error is thrown nor application runs. Also I didn't add any Sqlite dll(don't know how to add if its required). Can someone guide why I am having trouble
Verify your setup project is importing every dependency to the install package. link1 link2
I have created a WPF application. I have used the microsoft.sharepoint dll to get some data from lists.
I created a deployment package . When i run the setup i get the following error
unable to install or run the application. The application requires
that assembly Microsoft.HTMLTrans.Interface version 12.0.0.0 be installed first
in the global assembly cache.
I commented the SharePoint method calls and instead accessed sharepoint lists using the Sharepoint web service approach.
It resolved the issue.
I recently inherited a C# Winforms application that communicates with Quickbooks via their QBFC interface. The application contains a reference to the COM Server Interop.QBFC7.dll. The application works fine in our test environment and in several of our client's environments. Although, yesterday when I attempted to install it on a new customer's system I continued to get the following error:
Could Not Load File or Assembly 'Interop.QBFC, Version=8.0.0.87, Culture=neutral, PublicKeyToken=...' or one of its dependencies. The system cannot find the file specified.
I know that we have several customers running this application on various versions of Quickbooks (i.e. Quickbooks Pro, Premier and Enterprise between 2008 and Enterprise 11.0). To my knowledge, this is the first customer that we have attempted to deploy this application that has Enterprise 12.0.
I have attempted the following to resolve the issue with no success:
1) Install the QBFC7_Installer from the Intuit Developer Network Site
2) Install the Quickbooks SDK 10 Installer from the Intuit Developer Network Site
3) Verified that the Interop.QBFC7.dll file is present on the file system.
4) Attempted to manually register the COM object Interop.QBFC7.dll via the command prompt: regsvr32 Interop.QBFC7.dll (This fails as well and windows returns an error stating that it cannot find the object).
Does anyone have any suggestions or feedback about additional things that I can try to resolve this issue? I get the same error on 3 different machines at their site running different operating systems (i.e. Windows Server 2008, Windows 7, and Windows Vista)? I have also tried compiling in both x86 and 64-bit configurations to no avail.
Thanks in advance for any help.
First of all, you should be targeting an x86 build only. The QuickBooks SDK won't work if you target Any CPU or x64. Your main problem, though, is that you are looking for the wrong version of QBFC. Notice the version stamp on your error message:
Could Not Load File or Assembly 'Interop.QBFC, Version=8.0.0.87,
Culture=neutral, PublicKeyToken=...' or one of its dependencies. The
system cannot find the file specified
This is QBFC8, not QBFC7. So you should be able to fix the problem with the QBFC8 installer.
The version of QuickBooks should not make a difference, since QBFC 8 (or 7, for that matter) will work with the 2008 and Enterprise 11 or 12.
You should look into using a setup project to install your application in order to avoid this problem in the future. A setup project should detect the QBFC dependency automatically. Once you see this happening, go to SearchPath property of your setup project and add the MergeModule directory from the SDK that is installed on your machine. Once you do this, you should see that the QBFC and Xerces merge modules are added to your project automatically as dependencies. Of course, you'll also need to update your code to a more recent version of QBFC, but that's probably a good idea in any case.
I'm trying to figure out the easiest and most secure way to Authenticode sign binaries in one of my projects.
The easiest way I can see to do this is to grab the result of compilation--a completed install package containing all my binaries--extract the assemblies from it, sign them, then repack these signed assemblies in the MSI which then gets signed.
Lots of information out there about unpacking files from an MSI, but nothing about re-packing them. How can I do it?
Editing my original response....
If you want to embed signing into your unattended build process, you can just use the MSBuild SignFile task, which wraps the authenticode signing APIs http://msdn.microsoft.com/en-us/library/ms164304.aspx
Alternatively just use a call to SignTool.exe.
You will need to install your Software Publishing certificate onto the machine using certmgr.exe or the certificates mmc snapin. Once it's installed into the local certificate store you just reference it using the SHA thumbprint, which you can find on the certificate properties or by just listing the cert in certmgr.exe.
We have to regularly update our certificates so we have additional steps in our build to re-import the certificate locally at the start of the build, and pull in the certificate hash. I would advise against storing the hash in source control in case you have to go back and build an old version - it should be part of your environmental configuration, e.g. an env var or something else that can be decoupled from your source code.
Also, don't forget to timestamp the signed files so that the validity of the signature can be guaranteed. I would also advise you to decouple signing from timestamping. Timestamping is a network operation that can occasionally go wrong, so it's useful to be able to discriminate between a signing failure and a timestamping failure, since a timestamping failure is only an issue for gold builds that might be released publicly.
You don't state what your build system is, but the (overly simplified) flow my projects go through are as follows (I use nant tasks for pretty much everything, triggered from CruiseControl.net)
Grab everything from source control
Build clean project
Grab unsigned files
Using signtool.exe sign all relevant files (e.g. exe, dll, ocx)
Build MSI (with WiX)
Do some custom post-build tasks on the MSI
Digitally sign the MSI
(Depending on build parameters) Compress MSI with a bootstrapper
Sign the bootstrapper
Upload to a staging area
Email Dev+QA teams that build is ready for testing.
If it fails anywhere along the way, then just email the Dev team.
You should be able to do this with MSBuild, Nant, or a variety of other tools. It'll probably involve a little custom work in places, but the end result is a reliable build system that requires zero human interaction with the build (unless someone wants to 'force' a build, even that is just clicking a button on a webpage or something)