Sign Installer files with Installshield using AppViewX CSP

InstallShield allows users to create flexible installations quickly and easily across all Windows operating systems. It is easy for development teams to be more agile, flexible and collaborative when building reliable Windows Installer (MSI) and InstallScript installations for desktop, server, Web and mobile applications. Installshield allows users to digitally sign installation and application files using a PFX certificate or Windows Key Storage Managed Certificates.

Prerequisites

  1. Run the AppViewX SIGN+ Installer to set up the necessary prerequisites for using the AppViewX CSP.
  2. Ensure the InstallShield Project is ready for building and signing.
    Note: Only Installshield 2015 or above support signing with certificates managed in Windows Key Storage. Versions prior to that support only PFX based signing and hence cannot be integrated to sign using AppViewX SIGN+.

Steps to configure Installshield to sign using AppViewX SIGN+

  1. Open an existing InstallShield project.
  2. View the project in the InstallShield Wizard IDE.
  3. Click the Project Assistant tab to configure the necessary application settings.
  4. Select the Build Installation option to configure the building and signing of artifacts.
  5. For the required output artifact type (e.g., Single Executable in this example), select Digitally Sign Setup.
  6. Click the option next to Digital Certificate Information to select the signing certificate.
  7. In the Certificate Selection window, select Use a Certificate Store and configure the following options:
    a. Certificate Store Name: Personal
    b. Certificate Store Location: User
    c. Certificate Subject: Certificate installed through SIGN+_Installer
    d. Signature Digest: SHA-256 (Recommended)
  8. Verify the selected options and click OK.

Sign Installer Files: Sample Output

  1. Select the desired output type (e.g., Single Executable in this example).
  2. Go to Build -> Build SINGLE_EXE_IMAGE.
  3. Verify the output logs from the build process.
  4. Navigate to the Release folder and check the digital signature of the generated file.