How do you get the path to SignTool.exe when using Visual Studio 2012?
In Visual Studio 2010, you could use
<Exec Command=""$(FrameworkSDKDir)bin\signtool.exe" sign /p ... />
Where $(FrameworkSDKDir)
is
"c:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin\"
But in Visual Studio 2012, $(FrameworkSDKDir)
is
"C:\Program Files (x86)\Microsoft SDKs\Windows\v8.0A\bin\"
and SignTool is in
"c:\Program Files (x86)\Windows Kits\8.0\bin\x64\"
Is there a way of getting the path to this directory other than hard coding (I've tried FrameworkSDKDir
and WindowsSDKDir
, but both point to the v8.0A directory).
(I am aware of the SignFile MSBuild task, but I can't use that as it doesn't accept certificate passwords.)
The tool is installed in the \Bin folder of the Microsoft Windows Software Development Kit (SDK) installation path (Example: C:\Program Files (x86)\Windows Kits\10\bin\10.0. 19041.0\x64\signtool.exe).
Make sure to select the "ClickOnce Publishing Tools" from the feature list during the installation of Visual Studio 2015 to get the SignTool. Once Visual Studio is installed you can run the signtool command from the Visual Studio Command Prompt. C:\Program Files (x86)\Windows Kits\10\bin\x86\signtool.exe.
Sign Tool is a command-line tool that digitally signs files, verifies signatures in files, and time-stamps files. This tool is automatically installed with Visual Studio. To run the tool, use Visual Studio Developer Command Prompt or Visual Studio Developer PowerShell.
The signtool.exe tool is installed with Visual Studio and with Windows SDK, and Visual Installer will normally find the newest installed version by itself. But if not, you can select the program file manually in Visual Installer's editor.
I just ran into the same issue. Running the build from a Visual Studio 2012 Command Prompt worked, but it was failing in the IDE. Looking for a detailed or diagnostic log led me to What is the default location for MSBuild logs?, which told me that Visual Studio can't give the diagnostic information I really needed.
Here's what I finally did to fix it.
Open a normal Command Prompt (not the Visual Studio Command Prompt), and run msbuild from that by fully-qualifying the path to MSBuild (%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe). This finally gave me the same error message (error code 9009) that I had been receiving in Visual Studio 2012.
Then, run the same build using "diagnostic" logging (which shows all property and item values) by appending the /v:diag switch.
From this output, I learned that it does have some new properties that I could use to get the location of signtool.exe (excerpt below):
windir = C:\Windows windows_tracing_flags = 3 windows_tracing_logfile = C:\BVTBin\Tests\installpackage\csilogfile.log WindowsSDK80Path = C:\Program Files (x86)\Windows Kits\8.0\ WIX = C:\Program Files (x86)\WiX Toolset v3.7\
So, my solution to this problem was to add the following to my *.targets file:
<SignToolPath Condition=" Exists('$(WindowsSDK80Path)bin\x86\signtool.exe') and '$(SignToolPath)'=='' and '$(PROCESSOR_ARCHITECTURE)'=='x86' ">$(WindowsSDK80Path)bin\x86\signtool.exe</SignToolPath> <SignToolPath Condition=" Exists('$(WindowsSDK80Path)bin\x64\signtool.exe') and '$(SignToolPath)'=='' and '$(PROCESSOR_ARCHITECTURE)'=='AMD64' ">$(WindowsSDK80Path)bin\x64\signtool.exe</SignToolPath>
Hope this helps you, too. I included the preamble of how I got to this point because there are other properties available that may be better suited for your purposes.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With