How to create visual studio setup project with Sign Certificate for Excel Add In Project

About

Asked 21/11, 2017 at 6:52 Answered 24/10, 2018 at 22:13

Solved c#excel visual-studio-2012 publishing

I have prepared one setup project for my C# excel add in project. Installing that setup in client PC my add in is installing as unknown publisher.

To resolve this I am adding certificate manually in client PC, but my goal is install my add in as trusted known publisher without adding certificate manually.

Is there any solution to do this?

Thanks in advance.

Yolondayon answered 21/11, 2017 at 6:52 Comment(10)

I guess, you are using a self-signed certificate? Normally, you have to use an official certificate from a cerificate authority for production code. Look for Root Certificate and Chain of Trust, e.g. at Wikipedia, for detailed explanations. – Grosmark 21/11, 2017 at 7:38

Yes you are right I am using self signed certificate – Yolondayon 21/11, 2017 at 7:42

How can I use my official certificate(I have official certificate also) – Yolondayon 21/11, 2017 at 7:45

You can use it the same way as you are using the self-signed. In the setup project, replace the self-signed with the official certificate, rebuild the setup and that's it. Because of the chain of trust, your official certificate (from a certificate authority) is automatically chained on local computers, because they have the root certificates normally already installed. – Grosmark 21/11, 2017 at 8:19

Still getting same result, I think I am missing something can you share steps to do this. – Yolondayon 21/11, 2017 at 8:39

Then I need more details, e.g. which Installer you use (InstallShield?), which version, how do you include your self-signed certificate etc. – Grosmark 21/11, 2017 at 11:32

Let us continue this discussion in chat. – Yolondayon 22/11, 2017 at 3:5

I am using 'Visual Studio Professional 2017 Setup Project', and adding certificate via "Select From File" option of "signing" tab in project properties. I am adding certificate to my addin project only, not adding to the setup project – Yolondayon 23/11, 2017 at 5:4

So, sign the setup project, too. Typically, I'm using InstallShield, but it is the same procedure. If you start the setup on a client PC, Windows tries to verify the signature. If the setup is not signed or the self-signed certificate is not correctly installed in the certificate store, you get the 'untrusted' notification. – Grosmark 23/11, 2017 at 7:31

Before starting the setup on client PC, do I need to install certificate in client PC? via properties of .exe ==> Digital Signature Tab ==> Double Click on certificate ==> View Certificate ..... etc. – Yolondayon 24/11, 2017 at 10:24

If you are using an official certificate from a certificate authority you can sign the setup file (ie msi or .exe) using signtool.exe adding a post-build line to your setup project's properties.

signtool sign /f MyCert.pfx /tr http://timestamp.comodoca.com/rfc3161 /v "C:\...\...\MySetupProject.msi

Signtool is automatically installed with visual studio.

In addition to this and prior to building your setup project, you want to sign the add-in's .dll file (also with signtool) and the manifest (with mage).

Haema answered 24/10, 2018 at 22:13 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags