views:

21

answers:

1

We have an application that requires the user to be an admin to run. So, in the app.manifest we have set up

<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />

We have a key to sign our assemblies with, which I have been able to use for signing the MSI and the executable of our application. The application's executable is signed via signtool.exe in the post build event for the project.

If I look in the bin directory, the executable is indeed signed correctly, but after it is packaged into the msi and installed on another machine, the executable is no longer signed.

This would normally not be a huge issue except that we require admin priviledges, so when the user gets the UAC prompt, it displays an unknown publisher.

How can I get the executable to be signed after it is packaged into an MSI?

+1  A: 

I finally found the answer on an obscure blog.

When the MSI is compiled, it does not pull from the bin directory, it pulls from the obj directory. Basically, I had been signing the wrong executable.

Seattle Leonard