Eternal21
Posts: 21
Joined: Mon Aug 15, 2016 5:51 pm

How to protect a command line argument being passed into 'Launch File' custom action?

Tue Apr 20, 2021 9:35 pm

I'm creating a certificate file using certuil, and need to pass in a password argument into it. I believe I need to use a property for that purpose ('User Defined' property?). What's the recommended way of ensuring people can't extract that password by looking at the generated msi file? Thanks.

Catalin
Posts: 6542
Joined: Wed Jun 13, 2018 7:49 am

Re: How to protect a command line argument being passed into 'Launch File' custom action?

Mon Apr 26, 2021 2:42 pm

Hello,

Unfortunately, if the password will be the same for every package, the user will be able to see the password in plain text by opening the MSI database.

However, if the password is unique to each user (e.g. the user provides it at install time), then you can secure it by checking the "Secure property" option for that property in "Install Parameters" page.

This way, the property will not be shown in places such as the log file / registry entries / etc.

Hope this helps!

Best regards,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube

Return to “Common Problems”