Hello,
I want to use AzureSignTool to digitally sign my installer using an access token. To accomplish this, I have enabled signing and selected Custom for the sign tool. I have managed to get the command line working as I want but I cannot work out how to set the path to the tool to be generic for the computer/user. By default, it is installed to %USERPROFILE%\.dotnet\tools\AzureSignTool.exe, so all I want to do is use the USERPROFILE environment variable in the path (for the custom tool). But for the life of me, I cannot figure out how to do this.
Can anybody help?
Cheers,
Ben
Suggested Articles
Re: Custom Tool for Digital Signing
Hello Ben,
From the UI, it indeed looks like we can not achieve that.
However, we can do so via a PowerShell script (through our PowerShell automation support
).
So, assume you have the Advanced Installer project with the "Digital signing" option already enabled + the "Custom" selected.
Here is a small script that selects the path of signtool using %USERPROFILE%.
Hope this helps!
Best regards,
Catalin
From the UI, it indeed looks like we can not achieve that.
However, we can do so via a PowerShell script (through our PowerShell automation support
).So, assume you have the Advanced Installer project with the "Digital signing" option already enabled + the "Custom" selected.
Here is a small script that selects the path of signtool using %USERPROFILE%.
Code: Select all
$advinst = new-object -comobject AdvancedInstaller
$proj = $advinst.LoadProject("C:\Users\Catalin\Desktop\Your Application.aip")
$ds = $proj.DigitalSignature
$ds.CustomToolPath = "$Env:UserProfile\test\signtool.exe"
$proj.save()Best regards,
Catalin
Re: Custom Tool for Digital Signing
Hi Catalin,
Thanks for your reply.
I can see you that your solution would work but we have source code control, so we'd have to find a way to revert the changes once the build had completed, otherwise the .aip file would appear as changed.
My solution was to add a Project Path Variable called "UserProfileFolder" with it'=s value set to %USERPROFILE%, and then to set the path to the custom sign tool to "<UserProfileFolder>\.dotnet\tools\sign.exe".
To get the other (custom) environment variables into the command line, I had to create custom properties and copy in the value of each environment variable, and then pass that into the command line; it ended up as "code azure-key-vault -kvu [|CODE_SIGNING_KEY_VAULT_URL] -kvc [|CODE_SIGNING_KEY_VAULT_CERTIFICATE_NAME]" ([|CODE_SIGNING_KEY_VAULT_URL] has %CODE_SIGNING_KEY_VAULT_URL% etc).
It works but it's rather clunky, so perhaps it's something you could look at improving in a future version.
Cheers,
Ben
Thanks for your reply.
I can see you that your solution would work but we have source code control, so we'd have to find a way to revert the changes once the build had completed, otherwise the .aip file would appear as changed.
My solution was to add a Project Path Variable called "UserProfileFolder" with it'=s value set to %USERPROFILE%, and then to set the path to the custom sign tool to "<UserProfileFolder>\.dotnet\tools\sign.exe".
To get the other (custom) environment variables into the command line, I had to create custom properties and copy in the value of each environment variable, and then pass that into the command line; it ended up as "code azure-key-vault -kvu [|CODE_SIGNING_KEY_VAULT_URL] -kvc [|CODE_SIGNING_KEY_VAULT_CERTIFICATE_NAME]" ([|CODE_SIGNING_KEY_VAULT_URL] has %CODE_SIGNING_KEY_VAULT_URL% etc).
It works but it's rather clunky, so perhaps it's something you could look at improving in a future version.
Cheers,
Ben