Is there a way to sign existing installers using install4j? - code-signing

I was wondering if install4j supports signing existing installers?
We have a release process which involves a manual step to get the password to sign the installers. We were hoping to build the installers, test them, then if the tests pass and we are ready to release then sign them just before shipping them.
Thanks!

No this is not possible with install4j. You could of course sign the installers with external tools, but the included launchers would not be signed in that case.
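The answer above notes that signing with external tools covers the installer but not the launchers it contains. The following added example (not part of the original posts and not install4j code) reads a PE header and reports whether an Authenticode certificate table is attached, so a release step can list binaries that were left unsigned. It checks presence only, not validity, and the sample bytes and file names are constructed for the demo.

```python
import struct

SECURITY_DIR = 4                      # IMAGE_DIRECTORY_ENTRY_SECURITY (Certificate Table)
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002

def authenticode_status(data: bytes) -> str:
    """Return 'not-pe', 'unsigned', 'malformed' or 'signature-present'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return "not-pe"
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)      # e_lfanew
    opt = pe_off + 24                                     # PE signature + COFF header
    if data[pe_off:pe_off + 4] != b"PE\0\0" or opt + 2 > len(data):
        return "not-pe"
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):                       # PE32 / PE32+
        return "not-pe"
    dirs = opt + (96 if magic == 0x10B else 112)          # start of data directories
    entry = dirs + 8 * SECURITY_DIR
    if entry + 8 > len(data):
        return "malformed"
    (count,) = struct.unpack_from("<I", data, dirs - 4)   # NumberOfRvaAndSizes
    offset, size = struct.unpack_from("<II", data, entry) # file offset, not an RVA
    if count <= SECURITY_DIR or offset == 0 or size == 0:
        return "unsigned"
    if size < 8 or offset + size > len(data):
        return "malformed"
    length, _rev, cert_type = struct.unpack_from("<IHH", data, offset)
    if not 8 <= length <= size or cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA:
        return "malformed"
    return "signature-present"

def build_sample_pe(signed: bool) -> bytes:
    """Constructed PE32+ header stub for the demo; not a runnable program."""
    buf = bytearray(0x200)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)
    buf[0x80:0x84] = b"PE\0\0"
    opt = 0x80 + 24
    struct.pack_into("<H", buf, opt, 0x20B)
    struct.pack_into("<I", buf, opt + 108, 16)
    if signed:
        # WIN_CERTIFICATE header followed by placeholder bytes, not a real PKCS#7 blob
        blob = struct.pack("<IHH", 16, 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + b"\0" * 8
        struct.pack_into("<II", buf, opt + 112 + 8 * SECURITY_DIR, len(buf), len(blob))
        buf += blob
    return bytes(buf)

if __name__ == "__main__":
    for name, signed in (("installer.exe", True), ("launcher.exe", False)):
        print(name, authenticode_status(build_sample_pe(signed)))
```

A "signature-present" result still has to be validated on Windows, for example with `signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature`, since this check does not parse or verify the PKCS#7 data.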

Related

Signing .EXE executables for free (CAcert)

I am developing some freeware applications. Mostly they are written in Java to make them run on multiple systems. Meanwhile I have some thousand users and so it makes a lot of fun.
To make the Java apps easier to run under Windows, I also create executable wrappers using launch4j and installer applications using inno setup.
Now I have a problem, because of Windows 8. In former Windows versions the OS just showed up a message by trying to start such an executable which was saying that the exe file comes from an "unknown" vendor. In Windows 8 they made it even harder. There is something like "Windows protected you from this dangerous application!".
So I am highly interested in signing my apps. But I am not willing to pay anything for this as I offer my software for free. Using Google I found the "CAcert" project that allows people to create free certificates. But I haven't found detailed information about the following questions:
can I create certificates to sign executables?
can I create certificates using my company name?
Is there anyone familiar with CAcert?
Or has anyone another hint to solve my problem?
thanks a lot...
Well, you can use a CAcert certificate to sign your code, but it won't help you. That's because the OS doesn't install the CAcert root certificate.
If you want to stop your users seeing these messages you'll need to obtain a commercial certificate.

How to distribute a windows application?

What's the best way to distribute a windows application:
Which format should I use to distribute the application, an exe-file or a zip-file?
Should I sign the application?
Are there any other points I should take into account?
I'm going to create an installer for the application using innosetup. The application is made using node-webkit.
(I'm not a Windows user, but) MSI package is better than both an exe-file and a zip-file. The freedom to choose interactive or unattended [un]installation, and the ability to handle dependencies and upgrades are enough to make it the best option. WiX makes MSI creation easier -- give it a try.
So long as the application deploys - it makes no functional difference the data format you choose to distribute in.
I will speak from a user perspective as opposed to a technical one here; please include a CLEARLY LABELED installer (MSI is the best for this; but if it is .exe, or .bat or whatever, label it as "Installer" or "Click to install" or something similar) and a useful readme, if you do choose to distribute in a .zip.
It all depends on what the exe entails. If it's just a simple .NET executable and it's self contained, all you need is the exe in a zip (pending it's < .NET 2.0 which is included). Each newer succeeding version of Windows has .NET runtimes built into the OS incrementing all the way up to 4.5 or 5.0?
So if you have the latest Windows, and it has the .NET 4.5 libraries on it, all you need is essentially the executable. However if it is an older OS, you may need to bundle or link the runtimes needed. Some apps need third party components installed and other DLL's. In which case your best bet would be to use a third party tool like Install Shield or Wise, or Orca, where you can customize the install and install third party components like SQL Server Personal, Oracle Personal or mySQL Database or Crystal report components.
Also if NTFS permissions and network permissions are required or registry values are required you'll need to script it with Wise, InstallShield, etc, and require elevated permissions. Microsoft also has some built in Deploy Once(?) tools that allows this to be done via the web, or network path or executable.
It all depends on the complexity of your exe, how much it affects your system etc. I've seen apps that require even firewall exceptions, etc. If you are in a corporate environment and have a domain you can deploy using SCCM/SMS or UniCenter. Like I said it all depends on complexity, and scope.
If it's a simple .NET 2.0 app, then all you need is the exe in a zip. The best way would be to copy the exe to a few different systems and test it.
MSI's are inherently able to execute from shell or run/explorer. Also you are allowed to compile your install into a self contained executable.
Bottom line, it all depends on your app :)

Signing executables for Windows

I develop a desktop application for use on Windows, and was wondering how I can get my executables signed so they stop showing those horrible looking warning messages about being from an unknown publisher. I am somewhat familiar with signing binaries before releasing them. I have a Linux port of the same program which is distributed through its own signed repository (apt-get).
The process for signing windows executables seems extremely complicated and I can't find a simple tutorial on what to do, rather thousands of webpages describing only parts of the process, or which go into way too much depth.
I just need a quick list of steps which are necessary to sign executables under windows. I believe it's called "authenticode".
Tools see MSFT Introduction to Code Signing
edit: you buy a certificate from a provider - most web registrars sell them.
Then simply sign the executable using the msft tools
see http://www.instantssl.com/code-signing/code-signing-process.html

Creating a windows installer for a Visual Studio project

I want to create an installer for my project, primarily to handle the external dependencies which are starting to grow in number.
The problem is most of these components seem to be distributed in different manners, so I need an installer that can cope with all the following. I've looked at various things around, however many don't seem to cover all the things I need (like how to install DirectX using a Visual Studio setup project...), or don't even create a proper Windows installer (e.g. .msi).
- Copy all my app's files to the target directory
- Create start menu and desktop shortcuts
- Install DirectX (i.e. call dxsetup.exe /silent)
- Install the VC9 CRT redist (seems to be a "merge module" looking at MSDN, whatever that is...)
- Only requires administrative rights if one of the following is true:
  - DirectX and/or the VC9 CRT is not already present, or needs updating
  - Installing for all users
  - Installing to a directory the user doesn't have write permission for
- Can roll back everything if installation is aborted before completion
- Generates an uninstaller as well as an installer
- Ensures the user accepts all required EULAs (my one, VC9 Redist, DirectX, etc)
For example I got the VS2008 Setup Project working for my app files and the VC9 CRT, however I don't see any way to tell it to just run dxsetup.exe with the /silent argument and NOT extract it and all the other DX installer to the app directory or something...
EDIT:
Also it would be really nice if I could have a unified installer for x86 and x86-64, which installs the correct components (e.g. myapp_x86.exe or myapp_x64.exe) depending on if the OS is 64-bit or not.
EDIT2:
Forgot to mention but either a free or low cost solution would be welcome as well, since I need a solution for some of my smaller personal stuff as well.
WiX is what you want. You'll want to read through the v3 documentation and examples, as it is not a simple thing to use. Once you get going, you'll have follow-up questions which you should post as new questions.
See also the WiX tutorial, but keep in mind it refers to v2, and a lot of it is out-of-date or obsolete in v3.
If you can afford it, Installshield does all this very well and professionally. It will include the merge file and seamlessly install as well. Installshield has its quirks, but it is incredibly easy to use and robust. Once you write your app, you don't want to think a lot about the installer.
Some nice features I liked:
- Creates patch installs by diff'ing the source so you can distribute patches with a small size.
- Create upgrades that update the registry and version number of your app. Prevents older versions from being installed.
- Creates a nice uninstaller.
- It's easy to add merge modules.
- Scriptable if you need it to be, GUI if not (most of the time you don't need to script a thing).
If you can't afford that, go with NSIS. It is very powerful and well used, but be prepared to write code in a text editor.
Follow these steps

how to create installer inside another installer?

I want to create a Windows Installer, the 1st step I want it to call another installer (will install dependent components of my application), and the 2nd step I want to install my own application. I want to do all tasks in one installation process, and I have the dependent component installation package at hand (an exe file).
Any good tools or samples to refer to? I prefer to use VSTS or Microsoft or open source easy to use tools. :-)
thanks in advance,
George
You might want to take a look at the Microsoft Bootstrapper, assuming the dependent components are libraries such as .NET or similar then it's fairly straightforward.
If you want to create a Windows Installer (MSI) package then take a look at Windows Installer XML (WiX). But you'll want to get your head around how MSI works first. WiX is really simple once you understand Windows Installer, but trying to learn both at once can be rather confusing.
For a basic, copy some files, extract/run some stuff, type installer then NSIS is fairly straightforward scripting and you can pick that up in a day or so.
Nsis with this modification.
Update: It seems that nesting MSI installation is somewhat possible. However it requires some tweaking using tools from the Windows Installer SDK and has a number of drawbacks.
The following article has the details:
How to create a nested .msi package
Microsoft recommends not to use this feature (see this related answer and point 20 in this list).
However, you might also want to look at different install systems such as NSIS or create a bootstrapper that installs the dependencies prior to setup.
You could look at Inno Setup. It creates exe installers, as opposed to MSIs. It has a pascal-based scripting language, so is pretty flexible.
It's free and pretty easy to use.
If your existing installer doesn't use the MSI technology, you could use WiX to create an MSI and launch the existing installer via a custom action. I've done this in the past.
WiX is open source.
Yes, it would be very easy if you do it using Inno Setup, but with a slight difference.
You will have to perform step 2 first and then step 1.
Try using AutoHotkey(scripting) for checking the existence of any process in the background that verifies the installation of a particular software.
Check out iexpress on windows systems. In just a few minutes you can create an installer that can call as many installers as you like.
