We have purchased 'EV Code Signing' certificate which required USB token hardware. We have created a physical server where USB token is installed. To use that server, we have created a custom utility called "SignTool". This utility is assigned as a custom Signtool in advanced installer. So, it is called every time file is signed. This utility copies file to be signed to server where USB token is attached, invokes signtool command and once file is signed on that server, file is copied back to the original location. That way Advanced installer gets the signed files.
Build process works fine and I can also see certificate applied to MSI, CAB and EXE files. When we try to install EXE, it gives following error:
Code: Select all
Error 1330. A file that is required cannot be installed because the cabinet file <Cab filename> has an invalid digital signature. This may indicate that the cabinet file is corrupt. Error 0 was returned by WinVerifyTrust.
When we select "EXE setup with resources next to it" option, and sign individual files on the sign server, installers works fine. So, looks like custom tool support for advanced installer is contributing to error. We need your expert advice on this issue.