Session Digital Signature

Enable and configure the digital signing operation.


Enable signing

Checking this checkbox means that the package is signed at build.

Software Publisher Certificate

Personal certificate

Choose one of the currently installed certificates.

<Most suited certificate> - If this is selected, "SignTool.exe" signs the files with the best certificate found in the current user's Personal certificates store.

NoteTo view or manage certificates inside the system store, you can use certmgr.msc tool (Press Windows Key + R, type "certmgr.msc" and press enter).

[ Create... ] - Creates a certificate with which you can sign your package for testing. Make sure you install it as a trusted certificate and use it only for testing purposes.

Signature Properties

Description

This field contains the signed content's description. It is shown by the Windows UAC after you click the "Install" button.

Description URL

This field contains a URL for a complete description of the signed content. The URL is used when the package is launched from an untrusted location (for example from the network) in the "Open File - Security Warning" dialog, where the "Name" field becomes a link to the URL you specified.

Timestamp service URL

A digital certificate has a validity period. After that period expires the signed code is not considered certified anymore. To prevent that a timestamp can be placed at the signing time which shows that the certificate was valid when the signing was done.

The “Timestamp service URL” specifies the URL of the timestamp server. An examples of such a server is: