I have an app that I need to distribute and want to sign it so I can avoid the UAC warnings in Vista. Currently I see this...

UAC

I am using Visual Studio to create the installer but the app was not written in .NET. Do I need to sign both the .msi and the .exe contained in the .msi? What kind of key do I need and where should I get it? Currently I am thinking of VeriSign; although they are expensive, I need this to be trusted. Once I get the key, how do I sign? If I understand right, al.exe and signtool.exe are for .NET assemblies, right? Thanks!

+3  A: 

This particular dialog is the most scary one. There's a less-scary one if the application is signed but not countersigned (i.e. it's only signed by you). To bypass it entirely, you indeed need a countersignature.

Windows contains a list of Trusted Root Certificate Authorities (MMC.EXE > Add snap-in > Certificates > Computer Account). Some of those are intended for "Code Signing", which means those Certificate Authorities can counter-sign your signature. Verisign is in that list. If you're working on a corporate internet, the company's signature might/can be in there too.

Anyway, once you have a countersigned certificate, you indeed use signtool to sign both your app and its installer. Signing your own app is good practice, and helps a lot in Configuration Management. Signtool does have a GUI, but can also be used in CLI mode. The latter is useful when you want your build process to prompt for the key once and then build everything up to the installer. (Don't hardcode the password for your corporate certificate into your build process!).

But as I said earlier, you can also sign with a non-countersigned signature. This is quite useful for testing, as well as getting a hang of the whole process and doing automated builds.

MSalters
Do you have a reference or website that shows how this works? I can't find much documentation about it. Thanks
Mmarquee
Have you seen http://msdn.microsoft.com/en-us/library/ms537361(VS.85).aspx ? The current Microsoft code signing technology is called "Authenticode", that should turn up a few more sites.
MSalters
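
The CLI flow the answer describes (prompt for the key once, sign the app, build the installer, sign the installer), as an added example that is not part of the original answer. All file paths, the solution and project names, and the `devenv` build step are assumptions; `signtool.exe` and `devenv.com` are assumed to be on `PATH`.

```powershell
# Added example: every path and name below is a hypothetical placeholder.
param(
    [string]$PfxPath      = '.\codesign.pfx',             # code-signing certificate + key
    [string]$ExePath      = '.\Release\MyApp.exe',        # already-built application
    [string]$Solution     = '.\MyApp.sln',
    [string]$SetupProject = 'Setup',                      # installer project in the solution
    [string]$MsiPath      = '.\Setup\Release\Setup.msi',
    [string]$TimestampUrl = ''                            # your CA's RFC 3161 URL (optional)
)
$ErrorActionPreference = 'Stop'

# Prompt once. The password is never stored in the build script and never
# passed on a command line (which signtool's /p option would require).
$pfxPassword = Read-Host -AsSecureString 'PFX password'
$cert = Import-PfxCertificate -FilePath $PfxPath -Password $pfxPassword `
            -CertStoreLocation Cert:\CurrentUser\My

function Invoke-Sign([string]$File) {
    # Select the certificate by thumbprint from the user's store.
    $signArgs = @('sign', '/sha1', $cert.Thumbprint, '/fd', 'SHA256')
    if ($TimestampUrl) { $signArgs += @('/tr', $TimestampUrl, '/td', 'SHA256') }
    & signtool.exe @signArgs $File
    if ($LASTEXITCODE -ne 0) { throw "signtool sign failed for $File" }

    # /pa checks against the Authenticode policy. This fails for a test
    # certificate that does not chain to a trusted root on this machine.
    & signtool.exe verify /pa $File
    if ($LASTEXITCODE -ne 0) { throw "signature on $File did not verify" }
}

try {
    # 1. Sign the application first, so the signed binary is what gets packaged.
    Invoke-Sign $ExePath

    # 2. Build only the installer project (assumes it packages the existing
    #    exe without rebuilding it, which would discard the signature).
    & devenv.com $Solution /build Release /project $SetupProject
    if ($LASTEXITCODE -ne 0) { throw 'installer build failed' }

    # 3. Sign the installer itself.
    Invoke-Sign $MsiPath
}
finally {
    # Remove the certificate and its private key from the store again.
    Remove-Item "Cert:\CurrentUser\My\$($cert.Thumbprint)" -DeleteKey
}
```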