Digital Signature: Sign MSI, EXE and MSP files

Advanced Installer can digitally sign all of the following files that it creates: EXE, MSI, MSP (patches) and CAB files. The EXE, MSI and MSP files are always signed while the CAB files are only signed if they are not embedded in the MSI.

You also can individually sign each file from your package by enabling this option in the File Properties Tab, Files and Folders view.

Signing utilities

SignTool.exe

The default tool, available with the Windows SDK v8.0 or higher, used by Advanced Installer. The SignTool.exe utility tool can be used only with certificates exported as PFX files. can be used only with certificates exported as PFX files. You can use either pvkimprt or pvk2pfx to create a PFX certificate from the SPC and PVK files.

Topics

Digital Signature Settings Tab
Configure the digital signature of your package.
Files Configured for Signing Tab
Configure the files to be signed contained by the package.