Help
FAQFAQForumForumUser GuideUser GuideContactContactCustomer InfoCustomer Info

Build-Time Best PracticesCopy link to this sectionLink to this section copied!

The Advanced Installer Best Practices system performs a series of automatic validations before the build process starts. These checks are designed to identify potential issues early, improving package security, reliability, and compliance with recommended standards.

If any issues are detected, Advanced Installer will display warnings or errors before the build starts, allowing you to fix them early in the development process.

Depending on their severity, some validations generate warnings, while others may block the build process until the issue is resolved.

Each validation targets a specific area of the project, such as digital signing, file structure, prerequisites, or configuration consistency.

Note Example: Using setup.exe as your package name may trigger a warning because it can expose your installer to DLL hijacking attacks.

Executable and Build ConfigurationCopy link to this sectionLink to this section copied!

  • Executable Naming: Prevents using generic names like setup.exe, which may expose the package to DLL hijacking vulnerabilities.
  • Administrative Privileges: Ensures the package is configured to run with administrative privileges when installing MSIX components for all users.
  • EXE Output Requirements: Verifies that an EXE package is used when required by UI themes or global prerequisites.
  • Extraction Paths: Validates that all configured extraction and download paths are valid and accessible.

When installing MSIX packages for all users, administrative privileges and digital signing are required to ensure proper deployment.

Digital Signing and CertificatesCopy link to this sectionLink to this section copied!

  • File Signing Validation: Detects files that are incorrectly marked for signing or already signed files that cannot be processed again.
  • SignTool Availability: Ensures the configured SignTool is available and has all required runtime dependencies.
  • SignTool Version Compatibility: Verifies minimum required versions when using advanced signing methods like Device Guard or Azure Key Vault.
  • Certificate Validity: Checks whether the selected digital certificate is valid and not expired.
  • SHA256 Requirement: Warns when using outdated SHA1 certificates and recommends SHA256.
  • Updater Certificate Expiry: Warns when the certificate used for update validation is close to expiration.
  • CER vs PFX Certificates: Ensures correct certificate format usage depending on the signing method.

Files, Components, and StructureCopy link to this sectionLink to this section copied!

  • WinSxS Restrictions: Prevents installation of files directly into the Windows WinSxS directory, which is reserved for system-managed assemblies.
  • Component GUID Uniqueness: Ensures each component has a unique identifier to avoid installation conflicts.
  • Unreferenced Directories: Detects directories assigned to features but lacking associated components or files.
  • Temporary File Size: Validates that temporary files do not exceed supported size limits.

Prerequisites and DependenciesCopy link to this sectionLink to this section copied!

  • Prerequisite URLs: Ensures that prerequisite download URLs are accessible (for example, not local file paths).
  • Visual Studio Extensions (VSIX): Validates that required Visual Studio prerequisites are properly configured.
  • Java Product Configuration: Confirms that the configured main class matches the one defined in the JAR archive.

Project ConfigurationCopy link to this sectionLink to this section copied!

  • Product Version Format: Ensures that the ProductVersion property follows a valid versioning format.
  • Folder Redirection: Detects system folders that require redirection but are not properly configured.
  • RTF File Validation: Ensures that RTF files used in UI controls are valid and properly formatted.

Updater and Download ConfigurationCopy link to this sectionLink to this section copied!

  • Updater Download Folder: Validates the path used for downloading updates.
  • Prerequisite Download Folder: Ensures that prerequisite packages are downloaded to a valid location.

Why These Validations MatterCopy link to this sectionLink to this section copied!

These validations help prevent common packaging mistakes that may otherwise lead to installation failures, security vulnerabilities, or inconsistent deployment behavior.

By enforcing best practices at build time, Advanced Installer ensures that packages are secure and aligned with modern Windows requirements.

Tip It is recommended to review and resolve all validation warnings before distributing your installer to production environments.