It appears that running SignTool on an .exe is deceptively simple. I have some other tasks to complete before I can install a Microsoft SDK that has the tool. I will try SignTool over the weekend.
- Dennis -----Original Message----- From: Rob Weir [mailto:[email protected]] Sent: Tuesday, December 9, 2014 15:56 To: [email protected]; Dennis Hamilton Subject: Re: Signing AOO 4.1.1 (was RE: Budapest and thereafter) On Tue, Dec 9, 2014 at 5:19 PM, Dennis E. Hamilton <[email protected]> wrote: [ ... ] > I don't understand why full rebuilds are required. The only crucial file > that needs signing is the .exe that is downloaded and extracts the actual > setup files. All it does is extract a number of fixed files and then run the > extracted setup.exe. > [ ... ] Of course, nothing requires that we go for certification. I bet if we just signed the outermost installer it would be satisfy earlier versions of Windows, antivirus apps and browsers that are doing this kind of check. So it might be worth doing just this minimum initially. Regards, -Rob > If a signed version of that .exe can be created, using the existing setups > delivered with the current 4.1.1 .exe files, there is nothing else to do. It > has to be done once for each language, but that's it. No full rebuilds, no > new dates on files. The extracted setups would be binary identical to each > of the current ones for 4.1.1, so it is easy to verify that the signed .exe > does not deliver anything but the already reviewed installs. > > That might be unworkable, but it is definitely worth seeing if it is possible > rather than going through a full-up set of build processes. > [ ... ] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
