Hello,
I want to use AzureSignTool to digitally sign my installer using an access token. To accomplish this, I have enabled signing and selected Custom for the sign tool. I have managed to get the command line working as I want but I cannot work out how to set the path to the tool to be generic for the computer/user. By default, it is installed to %USERPROFILE%\.dotnet\tools\AzureSignTool.exe, so all I want to do is use the USERPROFILE environment variable in the path (for the custom tool). But for the life of me, I cannot figure out how to do this.
Can anybody help?
Cheers,
Ben
Suggested Articles
Re: Custom Tool for Digital Signing
Hello Ben,
From the UI, it indeed looks like we can not achieve that.
However, we can do so via a PowerShell script (through our PowerShell automation support
).
So, assume you have the Advanced Installer project with the "Digital signing" option already enabled + the "Custom" selected.
Here is a small script that selects the path of signtool using %USERPROFILE%.
Hope this helps!
Best regards,
Catalin
From the UI, it indeed looks like we can not achieve that.
However, we can do so via a PowerShell script (through our PowerShell automation support
).So, assume you have the Advanced Installer project with the "Digital signing" option already enabled + the "Custom" selected.
Here is a small script that selects the path of signtool using %USERPROFILE%.
Code: Select all
$advinst = new-object -comobject AdvancedInstaller
$proj = $advinst.LoadProject("C:\Users\Catalin\Desktop\Your Application.aip")
$ds = $proj.DigitalSignature
$ds.CustomToolPath = "$Env:UserProfile\test\signtool.exe"
$proj.save()Best regards,
Catalin
Re: Custom Tool for Digital Signing
Hi Catalin,
Thanks for your reply.
I can see you that your solution would work but we have source code control, so we'd have to find a way to revert the changes once the build had completed, otherwise the .aip file would appear as changed.
My solution was to add a Project Path Variable called "UserProfileFolder" with it'=s value set to %USERPROFILE%, and then to set the path to the custom sign tool to "<UserProfileFolder>\.dotnet\tools\sign.exe".
To get the other (custom) environment variables into the command line, I had to create custom properties and copy in the value of each environment variable, and then pass that into the command line; it ended up as "code azure-key-vault -kvu [|CODE_SIGNING_KEY_VAULT_URL] -kvc [|CODE_SIGNING_KEY_VAULT_CERTIFICATE_NAME]" ([|CODE_SIGNING_KEY_VAULT_URL] has %CODE_SIGNING_KEY_VAULT_URL% etc).
It works but it's rather clunky, so perhaps it's something you could look at improving in a future version.
Cheers,
Ben
Thanks for your reply.
I can see you that your solution would work but we have source code control, so we'd have to find a way to revert the changes once the build had completed, otherwise the .aip file would appear as changed.
My solution was to add a Project Path Variable called "UserProfileFolder" with it'=s value set to %USERPROFILE%, and then to set the path to the custom sign tool to "<UserProfileFolder>\.dotnet\tools\sign.exe".
To get the other (custom) environment variables into the command line, I had to create custom properties and copy in the value of each environment variable, and then pass that into the command line; it ended up as "code azure-key-vault -kvu [|CODE_SIGNING_KEY_VAULT_URL] -kvc [|CODE_SIGNING_KEY_VAULT_CERTIFICATE_NAME]" ([|CODE_SIGNING_KEY_VAULT_URL] has %CODE_SIGNING_KEY_VAULT_URL% etc).
It works but it's rather clunky, so perhaps it's something you could look at improving in a future version.
Cheers,
Ben
Re: Custom Tool for Digital Signing
Hello Ben,
Thank you for your followup on this and for sharing the solution with us.
I am sure other users facing a similar scenario will find value in this.
Regarding the improvement, sure thing, I'll discuss this with the dev team to see if and how we can improve it.
Best regards,
Catalin
Thank you for your followup on this and for sharing the solution with us.
I am sure other users facing a similar scenario will find value in this.
Regarding the improvement, sure thing, I'll discuss this with the dev team to see if and how we can improve it.
Best regards,
Catalin