Oh, now why didn't I think of that? Oh, wait, I did...
Now had I not been signing the install, I might be inclined to believe you. The point is that it is signed, IISBrowseProxy does not appear as an exe that is signed. It is running elevated. Could you be just a little more specific about exactly which option I don't have set? please?
(Sorry, I'm always grouchy on Monday mornings when people treat me like an idiot)
To be clear, this is configured for Per-machine only, fails if not administrator. Package is an MSI, as it needs to fit in as part of a suite. If I check "Run as Administrator" it switches the build from msi to exe.
Incidentally, when I searched for "IISBrowseProxy" on here, I did not get a result.
Is the certificate that is used to sign your setup installed in the "Trusted Root Certification Authorities" (open a run window --> certmgr.msc --> expand "Trusted Root Certification Authorities" --> "Certificates" --> check for your certificate)? If not, please install it there and let me know if the problem still persists.
HI Catalin,
No, I can't use it from there, because our VSTS build pipeline can't access it properly, (and yes, we've tried installing the certificate using the profile of the user a/c that the service runs under, for some reason when it runs as a service the build pipeline can't access it) so it's done from a file on disk with a stored password, which works for everything else...
Is this documented somewhere?
I can see references to iis.dll and IIsProxy.exe in the Binary table when I look in Orca. Might it be possible to pre-sign the IISProxy.exe, I see it is in
C:\Program Files (x86)\Caphyon\Advanced Installer 14.8\custact\x86
curious why they are not signed when the package is built.
First of all, if your setup is signed with a certificate in the "Digital Signatures" page, then that EXE ("IISProxy.exe") should automatically be signed with the same certificate.
Secondly, that EXE may still be labeled as "Unknown" if, on the machine where you run the setup, the certificate is not part of the "Trusted Root Certification Authorities" store (installed for "Local Machine")
In order for me to further investigate this, could you please forward me a download link of your setup by e-mail at support at advancedinstaller dot com?
Catalin,
Sorry, but we'd never expect a customer to have to install our "signing certificate" before installing software. We would not even distribute our signing certificate. In fact, no one in their right mind would!
It's strange that the rest of the package is signed Ok, it's just when the IISBrowseProxy runs that this message comes up.
If possible, please forward me the setup that reproduces this issue. If this is not possible, then you can try to create a sample project which reproduces the issue (does not have to contain any files) and forward that to me (so I will be able to build it and test it).