I'm facing an issue with a setup project that contains 3 powershell scripts as custom actions.
Target machines now demands (for security policies), for all scripts, a valid digital signature.
Originally, these scripts were set as Run PowerShell inline script custom actions, so the weren't digitally signed (only project files were, and the setup itself), so the setup failed.
To work around the issue, I moved the 3 inline scripts into .ps1 files, and signed them. Then, I replaced the 3 custom actions with their Run PowerShell script file alternative, with the "Attached script" option.
However, the issue during setup is unchanged (install log follows):
Code: Select all
MSI (s) (D8:20) [14:53:43:635]: Invoking remote custom action. DLL: C:\windows\Installer\MSIFE51.tmp, Entrypoint: RunPowerShellFileScript
Dumping PowerShell invoke log ...
--> Found PowerShell path: C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe
--> PowerShell Script Execution Result Code: 1
--> PowerShell Script Execution log:
File C:\Users\UT11552\AppData\Local\Temp\pssFE9B.ps1 cannot be loaded. The
file C:\Users\UT11552\AppData\Local\Temp\pssFE9B.ps1 is not digitally signed.
You cannot run this script on the current system. For more information about
running scripts and setting execution policy, see about_Execution_Policies at
http://go.microsoft.com/fwlink/?LinkID=135170.
+ CategoryInfo : SecurityError: (:) , ParentContainsErrorRecord
Exception
+ FullyQualifiedErrorId : UnauthorizedAccess
CustomAction PowerShellScriptFile_addrights returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
Action ended 14:54:14: PowerShellScriptFile_addrights. Return value 3.
How can I solve this problem? I thought about setting my 2 .ps1 signed scripts as installed files, but the problem is that 2 of these scripts needs to be executed before Install Execution Stage, when no files were written yet.
Thank you, and best regards.
Michele