Session Digital Signature
Enable and configure the digital signing operation.
Enable signing
Checking this checkbox means that the package is signed at build.
Software Publisher Certificate
Personal certificate
Choose one of the currently installed certificates.
<Most suited certificate> - If this is selected, "SignTool.exe" signs the files with the best certificate found in the current user's Personal certificates store.
To view or manage certificates inside the system store, you can use
certmgr.msc tool (Press Windows Key
+ R, type "certmgr.msc" and press enter).
- Creates a certificate with which you can sign your package for testing. Make sure you install it as a trusted certificate and use it only for testing purposes.
Signature Properties
Description
This field contains the signed content's description. It is shown by the Windows UAC after you click the "Install" button.
Description URL
This field contains a URL for a complete description of the signed content. The URL is used when the package is launched from an untrusted location (for example from the network) in the "Open File - Security Warning" dialog, where the "Name" field becomes a link to the URL you specified.
Timestamp service URL
A digital certificate has a validity period. After that period expires the signed code is not considered certified anymore. To prevent that a timestamp can be placed at the signing time which shows that the certificate was valid when the signing was done.
The “Timestamp service URL” specifies the URL of the timestamp server. An examples of such a server is: