WIX Bootstrap rejects digitally signed MSI

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

WIX Bootstrap rejects digitally signed MSI

This post has NOT been accepted by the mailing list yet.
I've created a WIX Burn bootstrapper .exe that installs a WIX created .msi file.

The .msi is not compressed inside the .exe as I need to be able to deploy the .msi over GPO

Yesterday I decided to digital sign the MSI using SignTool, which appears to be successful as the Digital Signature tab is visible in the MSI file properties page.

The MSI installs fine on its own, but if I attempt to install via the bootstrapper .exe I get an error about the hash being invalid (I guess that is expected as I've modified the MSI by digitally signing it).

I then added the SuppressSignatureVerification="yes" attribute to my <MsiPackage > definition. This is supposed to disable the Hash check and perform verification via the certificate instead. However, I still got the same error about the Hash being invalid when I run the bootstrap.exe...

Can anyone provide some advice why this might not be working as I expect?