Signing a Self-Extracting Setup Distribution Unit

A self-extracting setup executable distribution unit can be signed similar to an ActiveX control. A digital signature provides accountability for software developers. The signature associates a software vendor's name with a given file. Digital signatures provide a path to you (through the company that authorized the certificate) in the event that your component causes harm on a user's system. The Microsoft development environment provides a convenient means to apply a digital signature to a self-extracting setup distribution unit.

To sign a setup executable distribution unit

1. Display the property pages of a distribution unit.

2. Click the Signing tab.

3. Select the Sign Executable check box.

4. If you have a personal certificate and private key (for example, from Verisign), click Use Certificate file, and then specify the certificate, the private key file name, and the timestamp server URL (optional).

   –or-

   If you just want to test the setup executable file, click Use Test Certificate. This certificate is for testing purposes only. Contact an authorization company to get an official certificate and private key.

5. Click OK.