Menu
I am using signtool to sign my msi.
How to recursively search all the msi in a folder and subfolder then sign them all?
634
msi on the Web server, you should sign the files with your digital certificate and private key, Mycert. cer and Mycert. pvk, using the SignTool utility. For more information about using the SignTool utility, see CryptoAPI Tools Reference in the Microsoft Windows Software Development Kit (SDK).
To sign your add-in with your own certificate, you first need to purchase a digital signature from a digital certificate vendor. Once you obtain a certificate (cer) or Personal Information Exchange (pfx) file, you can sign your DLL(s) using signtool.
The previous 2 answers show a PowerShell solution. You can accomplish this easily enough from a CMD.EXE Command Prompt as well.
for /r "yourRootFolder" %F in (*.msi) do signtool sign /a "%F"
Obviously you need to modify your signtool options to suit your needs. The important bit is %F will iteretively hold the name of each .MSI file.
If you want to run the command from within a batch file, then the % must be doubled, so %F becomes %%F in both places.
164
Here's an example using a code signing certificate (I have only one certificate in $cert):
$cert = Get-ChildItem -Path Cert: -CodeSigningCert -Recurse
Get-ChildItem -Path C:\MsiFolder -Filter *.msi -Recurse | Set-AuthenticodeSignature -Certificate $cert
Assuming you know what command line parameters you need for the MSI signing tool are you can get all MSIs under a given folder like this:
Get-ChildItem -recurse -path C:\MsiFolder -Include *.msi | ForEach-Object {
$msiPath = $_.FullName
$output = & the_msi_sign_tool.exe -msifile $msiPath -parameterB -parameterC 2>&1
if ($LASTEXITCODE -ne 0) {
Write-Error $output
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
