I recently found out about Visual Studio's ability to create a Setup.exe file for your project when you publish the project (Build -> Publish [Project Name]). When I've done this I noticed a new file being added to my project with the name "[Project Name]_TemporaryKey.pfk" (so if the project was HelloWorld the .pfk would be "HelloWorld_TemporaryKey.pfk").
What is this file and why do I need it?
Do I need a "PermanentKey" at some point?
Thanks for your help.
A .pfk file is Personal Information Exchange file that is used to "sign" your Visual Studio assemblies.
Assembly signing (also called strong-name signing) gives an application or component a unique identity that other software can use to identify and refer explicitly to it. A strong name consists of its simple text name, version number, culture information (if provided), plus a public/private key pair. This information is stored in a key file; this can be a Personal Information Exchange (PFX) file or a certificate from the current user's Windows certificate store. More information can be obtained here.
I haven't worked with them much but I believe the link(s) below may shed some light on their use:
The Use of .PFK and .SNK files
Signing an Assembly - MSDN Documentation
Hope these helped.
Related
On WPF installer project build generates setup.exe and it is being signed using Signtool on PostBuldEvent. It does show Publisher as unknown on UAC popup at the very last step of setup.exe.
Can someone help me to fix this ?
MSI vs Setup.exe: You should sign the MSI file as well as the Setup.exe file.
Certificate Type: What kind of certificate are you using? I believe you need a digital code-signing certificate from a recognized issuing authority (DigiCert, Thawte, etc...).
EV-code signing certificate (please visit this link).
Why do I still see publisher unknown with the UAC prompt?
Get a code signing certificate
Signtool.exe: If you have a valid certificate, are you using the /d option to the command line of signtool.exe when signing your MSI?:
signtool.exe /d "Your Software Name"
How to add publisher in Installshield 2018
Trust Yet Verify: When you have signed the file, right click it and select "Properties" to make sure the file is actually successfully signed. Look for the tab "Digital Signatures" (or equivalent in your own language):
Administrative Installation: Sometimes people forget that they have run an MSI through an administrative installation. This is essentially a file extract from the MSI resulting in a new MSI without the embedded CABs in the output location (more). This extracted MSI will not be signed - even if the original MSI was signed. This extracted source is used in many companies to keep the installation files on a networks share available for repair and inspection (and during application packaging to inspect the package content - and other purposes).
Post-Processing MSI: This is actually a very common issue: you must never touch a file that has been digitally signed. If you edit it after the signature has been applied this invalidates the signature. The whole point of digital signatures is to verify that the file you look at is the one that was signed by the vendor. In other words that the file has not been changed in transit to you (tampering, malware infection, etc...). More on this important issue here (attempted humor in there). Note that the tampering might happen via automation scripts and not by manual editing, hence one must always check for this cause.
Other Issues: There are also some other possibilities. The signed file could be corrupted during download or from malware attack and such things. Far beyond the question, but just mentioned for whoever might find this.
Links:
Is it possible to define a Windows Installer-uninstaller filename?
Installshield Custom Dialogue Installer
How can i generate windows certificate so my msi doesn't shows warning to users
Further Links:
Windows printscreen not working on Software Installation
WIX-Installer MSI Publisher Unknown
Everything you need to know about Authenticode Code Signing
I have created a GUI and Database for my company. I am trying to alpha test the program. I made the program so that everyone would place it on their C drive so that the file paths would stay consistent. When I email the zip folder to everyone it adds an extra folder that is causing errors to the file path (I believe the error occurs during extraction?). Does anyone know a good way to prevent this from happening? Thanks!
Although "xcopy deployment" is a valid method to deploy programs, it can come with complications, as you have discovered. Instead, you can create an actual installer program which is much more versatile.
For a lead-in on making an installer you can read Create MSI installer in Visual Studio 2017.
Make sure that the program uses locations as given in the Environment.SpecialFolder Enumeration so that it is automatically adapted for any (properly-configured) Windows installation.
Other installers are available, e.g. Inno Setup, which may offer simpler or more detailed configuration of some options like replacing or keeping older files, or installing prerequisites like a required framework version.
I am using a variation of Jeff Atwood’s Unhandled Exception handler it steps in when there is an Unhandled Exception in the application. It then logs the error, generates a screen shot and notifies the user.
When compiled in a solution the project generates an EXE that is called when needed. In updating the program I am using Visual Studio 13 to edit the existing settings items in the project properties. In the code I use commands such as this from ConfigurationManager.
string appProduct = unhandledExceptions.Properties.Settings.Default.AppProduct;
I was happy to see that it worked and reflected the changes I made in the IDE. However I couldn’t find the settings in the solutions generated confg file (MyApplication.exe.config). I assumed it was reaching back to the other project folder for the UnhandledExceptions.exe.config.
I created an installer and installed it to a virtual machine. My settings carried over, but again I could not see a config file.
It turns out the values are embedded in the executable UnhandledException.exe.
The project does not have any resources listed. Searching the web and StackOverflow looking a questions that want to do this, and there are a lot of them, it seems this was generally considered not possible and not desirable. Questions usually end in “You don’t want to do that, it’s called config for a reason”.
I may want to turn this off, so it is editable externally. The properties of app.config in both projects are identical.
What setting is making this possible after all? Is it a new capability with Visual Studio 2013?
There is no Visual Studio setting required. If you don’t want the user to have access to the configuration file, don’t include it in the distribution. One can always be added if the settings names are known.
In the description below application generically represents the name of the application being used.
I’ve found through observation some interesting things about the way ConfigurationManager works.
For User settings it will look in the following places in order of priority:
user.config for the application in the user’s AppData area
application.exe.config in the program folder
application.exe itself
Each setting is searched for individually. If your application requests a setting that is not found in either user.config or the application.exe.config it will get it from the executable.
For Application settings it looks in the following places in order of priority:
application.exe.config in the program folder
application.exe itself.
There is no equivalent to user.config for application settings.
Opening the application.exe in the Visual Studio IDE does not reveal a resource for the configuration information.
application.exe.config is handy because it can be modified externally and used as a default value for new installations. Once a setting is overridden in the user.config the value in application.exe.config is ignored.
The same is not true for the AppSettings section, the older configuration method from .Net 1.0. If I delete the configuration file it does not have them in the executable.
These observations were made with Visual Studio 2013 Update 4 and tested in Windows 7 Professional 64-bit. I suspect they are true in all versions.
I am trying to add file association during my installation process however the guide supplied doesn't seem to work.
I have used the official Installshield help guide however this didn't work or add anything to the registry? The help guide was very basic and didn't mention what the verb argument does or how it should be used once you have added a new extension. (Not a very good help guide!).
Either way I understand that the registry holds a key that references the file extension and what should be done with it. Installshield appears to support what I am trying to do, however it just doesn't work? Could anyone suggest what the 'correct' process is for setting up a file extension?
Looks like an alternative method is to directly modify the registry with the values you need by using the registry change section within the installshield IDE. The appropriate registry keys can be created by adding a file association though windows and using this as a template of what to add to the registry.
Hey, I was wondering if you guys could see what is wrong/suggest a solution.
I have a dll Assembly for COM that I built with C#, and i am trying to get the COM object from Silverlight Out-of-browser. I want the siverlight application to be mobile between computers, so i put all the neccesary files in a zip along with a batch installer that does the followingto register the assembly:
cd %windir%\Microsoft.NET\Framework\v4.0.30319\
RegAsm.exe "%USERPROFILE%\My Documents\Homework Clock\windowsHook.dll" /tlb /nologo
My application finds the assembly and it works fine on my dev computer, but when I move my application to a test computer (along with the dll and any other neccesary files), my batch file says it registers successfully but the application doesn't find it.
However, when i rebuild the assembly with C# on the test computer and replace the dll i moved from the dev computer with the rebuilt dll, the application finds it fine. It would be convenient for my clients if they didn't have to rebuild the assembly using C# if they wish to use my application, so i was wondering if there was a way to fix this.
I looked into this problem for a while and thought it might be because my assembly wasn't a strong named assembly, since I think C# does that automatically, so i tried doing it in my batch file and it couldn't recognize the 'al' and 'sn' commands necessary to generate the cryptographic key to give an assembly a strong name, and i tried doing it in the
'signing' tab in the C# project properties, but i encountered the same problem. Any ideas how to fix this?
Thanks in advance
The reason it works when you rebuild with VS is because it runs Regasm.exe with the /codebase option. Required if you don't plan to put the assembly in the GAC.
C# does not automatically give assemblies a strong name. If you're using Visual Studio, open the project's Properties page, and look under the Signing tab. Check Sign the Assembly, and generate a new strong name key file. Build your project, and you should be able to do what you need to do with your existing batch file.