1. I check the "Enable Signing" box in the installer
2. The correct certificate (the only one) is selected
3. I build the app
4. The password dialog for my Digicert dongle comes up.
5. I enter the password and signing finishes
But lately, something odd has been happening. I never get the password dialog. Instead the entire signing process goes all the way, it tells me is singed the MSI. But it produces an installer that is not trusted by anyone.
I do see this in the output pane
But Windows Smartscreen still does not like the binary producedWriting Summary Information
Signing MSI
This file was signed with the certificate: d03ff007-4e47-4f6e-9e5a-e818ab5044b5
Creating EXE file
Signing EXE file
This file was signed with the certificate: d03ff007-4e47-4f6e-9e5a-e818ab5044b5
Validating MSI
Even if I reboot the PC, I am never asked for the password. I know this is wrong, but I cannot figure how to make AI do... whatever it is supposed to do to trigger the password dialog.
Even if I turn off "Single Logon" in the SafeNet client utility, before rebooting, I am still not asked ever fopr my dongle pasword.
(Note: My certificates are paid through next year and up to date).
To diagnose this further, I have looked at the Digital Certificate properties (went to File Explorer, right clicked on the AI-generated installer .EXE file, chose "Properties" and then "Digital Certifcates". The older certificates where it worked show my company's name in the "Name of signer field.
The newer, bad ones (which do not work) instead show that GUID (above) in the "Name of Signer"
1. Has something changed in how code-signing works?
2. Is there a log file somewhere in which I see exactly what command line the AI supplies to signtool in order to replicate it on the command line myself to try to diagnose the issue?
