Authoring a Fully Verified Signed Installation
You can use these guidelines to cover an entire Windows Installer installation by a digital signature.
Authors of Windows Installer installations must adhere to the following to ensure that all parts of the installation are covered by a digital signature:
- Use internal cabinet files, or use signed external cabinet files and correctly author the MsiDigitalSignature table and MsiDigitalCertificate table.
- Use only custom actions stored within the package or installed with the package.
- Sign the installation package.
- Include an MsiPatchCertificate table in the package. To enable User Account Control (UAC) Patching, this table must contain information used to identify the signer certificates used to digitally sign patches. UAC patching enables the author of the installation package to identify digitally-signed patches that can be applied in the future by non-administrator users.
For an example showing how to author a signed installation using automation, see Authoring a Fully Verified Signed Installation Using Automation.
Σχόλια
https://aka.ms/ContentUserFeedback.
Σύντομα διαθέσιμα: Καθ' όλη τη διάρκεια του 2024 θα καταργήσουμε σταδιακά τα ζητήματα GitHub ως μηχανισμό ανάδρασης για το περιεχόμενο και θα το αντικαταστήσουμε με ένα νέο σύστημα ανάδρασης. Για περισσότερες πληροφορίες, ανατρέξτε στο θέμα:Υποβολή και προβολή σχολίων για