Hi,
I would rather not have to enter the PFX password every time I build the product. With normal build tools, I set the password as an environment variable so it does not have to be checked into the source code repository. But that does not appear to be an option in Advanced Installer.
I see the "Store encrypted password in project file" option. But I would need to understand what encryption is used, can someone elaborate?
Thanks!
Suggested Articles
Re: What encryption is used for signature passwords
Hello,
We use RC4-based cryptosystem, implemented with the Windows Cryptography API.
If you have other questions, please let us know.
Best regards,
Dan
We use RC4-based cryptosystem, implemented with the Windows Cryptography API.
If you have other questions, please let us know.
Best regards,
Dan
Re: What encryption is used for signature passwords
Thanks.
But I'm curious where the key is stored.
In other words: Who exactly will be able to open that AIP and use the code signing key? Anyone on the machine? Anyone logged into the current Windows user account?
But I'm curious where the key is stored.
In other words: Who exactly will be able to open that AIP and use the code signing key? Anyone on the machine? Anyone logged into the current Windows user account?
Re: What encryption is used for signature passwords
Hi,
The key which is used to encrypt your PFX password is stored in Advanced Installer code. So, in your AIP is the encrypted password, it is not a plain text.
Only Advanced Installer can use the encrypted password since it only can decrypt it.
If you have other questions, please let us know.
Best regards,
Dan
The key which is used to encrypt your PFX password is stored in Advanced Installer code. So, in your AIP is the encrypted password, it is not a plain text.
Only Advanced Installer can use the encrypted password since it only can decrypt it.
If you have other questions, please let us know.
Best regards,
Dan