-1

I have a .msi and .exe installer for a COM Office Add-in, but there is no publisher certificate with this installer.

I need to apply a certificate from my own authority to this installer.

How do I do this?

seanbulley
  • 15
  • 1
  • 5
  • Does this answer your question? [How to sign an MSI?](https://stackoverflow.com/questions/11090865/how-to-sign-an-msi) – Bob Arnson Nov 18 '20 at 03:59
  • You have an answer below to test, just want to add [this link](https://stackoverflow.com/a/6869564/129130) and [this one](https://stackoverflow.com/a/64092217/129130) (please read). – Stein Åsmul Nov 19 '20 at 02:50

1 Answers1

0

You can use the SignTool.exe (Sign Tool) for signing the installer with your own digital signature. Sign Tool is a command-line tool that digitally signs files, verifies signatures in files, and time-stamps files. This tool is automatically installed with Visual Studio. To run the tool, use the Developer Command Prompt for Visual Studio (or the Visual Studio Command Prompt in Windows 7). For example:

The following command digitally signs a file by using a certificate stored in a password-protected PFX file.

signtool sign /f MyCert.pfx /p MyPassword /fd SHA256 MyFile.exe

The following command digitally signs and time-stamps a file. The certificate used to sign the file is stored in a PFX file.

signtool sign /f MyCert.pfx /t http://timestamp.digicert.com /fd SHA256 MyFile.exe
Eugene Astafiev
  • 47,483
  • 3
  • 24
  • 45