I was wondering if it is possible to prevent access to .cab files using InstallShield Software. Maybe there is any option in the software.. It should encrypt .cab file, maybe with a certificate file?
It's possible to encrypt using InstallShield but at the file level. This is applicable if you're using Installscript project. Refer this -
https://docs.revenera.com/installshield26helplib/helplibrary/FeatureSettings.htm
For the basic MSI project, you could sign the .cab file but I didn't find any option to encrypt here. You could probably use some external script to perform this job and can try to decrypt it using a custom action at the initial phase of installation.
Related
Creating package using Installshield 2012 Spring. To detect the erros enabling MSILogs by creating the reg key using 'voicewarmupx'. All log files are creating in Temp folder. My requirement is to change the logging location from Temp folder some other directory. Is there any way to achieve this, kindly suggest it will be a great help
There is no way to control the location of logs generated by the Windows Installer Logging key. All you can do is override the location manually, such as by providing an explicit location at the MSI command line. In some cases you can do this by specifying arguments in the Setup.exe tab of the Releases view. But beware: this makes it hard or impossible to avoid generating the log.
How to do Text file changes in a ZIP file in InstallShield Basic MSI project. I am not able to do Text file changes in a file which is inside a zipped file.
InstallShield does not offer this capability, at least not now. You will have to either surround the call to the text-file-changing custom action with ones that extract and replace the zipped file (the text file changes would operate on the temporary copy), or implement the whole thing yourself in one step. I'm not sure which approach will be easier.
In your situation, I would reframe the design and requirement. Silverlight .XAP files are typically digitally signed. Any attempt to modify the archive would invalidate this. It's also needlessly complicated.
Instead, change your application to use an external configuration file. native InstallShield functionality can then be used to update this file. For a possible approach, see:
Creating and Using Silverlight web.config app settings (Web.config Configuration Applicatioin Settings) or app.config application settings configuration file for Silverlight
I want to verify if certain exe files already exist in a merge module .ism (binary format). Is there a method of doing this without using InstallShield?
An *.ism file is really an MSI file with a changed extension. MSI files in turn are SQL databases stored as COM-structured storage files - a file system inside a single file with file streams for various content. This is the same format used in Office documents.
You can view MSI files with Orca from the Windows SDK: http://www.hass.de/content/how-install-microsoft-orca
Windows Installer XML (WiX) Deployment Tools Foundation (DTF) has an InstallPackage class available that exposes a FindFiles() method. This should be really easy to query the EXE. Just realize that being a merge module you won't know the full installation path as that's decided by the MSI generally.
Both of Chris's suggestions should work fine, as would using Orca. But it got me thinking there might be an even easier way using a tool called Merge Module Finder. It all depends on what you really want to do? Find files already in merge modules? Investigate what merge modules are in an Installshield file? It is not quite clear exactly what you want to do.
Though a bit clunky at times (I think the author hasn't updated it for the latest versions of Windows) it will help you look for a file in a bunch of merge modules interactively. You can also search for a registry value. Here is a screenshot:
It would appear that VS2012 uses PFX files for signing instead of SNK files. I get the impression this is related to delayed signing; but I don't care.
When I build my application, I can use "sn -tp <my assembly>" and see it is signed.
When I ilmerge the debug folder and use the /keyfile directive (the way I was successfully doing with SNK files), the DLLs merge into one unsigned DLL.
I have read articles suggesting clever workarounds, such as extracting the public key from the original DLL and then using this in the /keyfile directive...which also failed to allow me to create a strongly signed DLL.
So, what do I need to do to get ilmerge to work with the PFX file so that my assembly will be strongly typed?
Thanks
I recently was attempting to do just the same thing (this time with VS 2015, but I am sure the results are the same).
PFX files are password-protected by default and ILMerge (at the time of this writing) does not appear to support them.
Manual Signing
The "clever workaround" as you describe it is presented here, and it appears to be the only way to accomplish this:
>sn -p some.pfx some.pub
>ilmerge /keyfile:some.pub /delaysign /out:merged\some.dll some.dll
>sn -R merged\some.dll some.pfx
Note that extracting the public key from the PFX file requires user input - allegedly it was previously possible to pipe in the password, but the current version of sn.exe does not permit console redirection.
Automated (CI Build System) Signing
In order to strong sign ILMerged assemblies in an automated way, it is necessary to install they key on the local build machine. This still requires user input in the form of password input, but only has to be done once per build machine.
As before, we need to extract the public key from the PFX file (this only has to be done once, and the PUB file can be saved alongside the PFX or even checked-in to source).
Here is the one-time setup code (both require password input):
>sn -p some.pfx some.pub
>sn -i some.pfx SomeContainerName
During the automated build, it is now possible to run:
>ilmerge /keyfile:some.pub /delaysign /out:merged\some.dll some.dll
>sn -Rc merged\some.dll SomeContainerName
My requirement is to edit a .xap file which is already in the IIS Manager.. when install another web application on IIS manager. (I want to add the end points of a web application in the previous web application .xap file)
You could write a custom action to:
Open the .xap file (it's a .zip file named differently)
Extract the file(s) that need to be modified
Edit the extracted file(s)
Re-zip the extracted file(s) back into the .xap file.
You could find the existing .xap file using AppSearch of some sort. Maybe a FileSearch element. Most of the work is going to be in your custom action though. Good luck!
Please see Mike's answer over at:
NSIS Changing config file present in XAP file i.e. silverlight component build
There's two parts here:
1) Authoring the Silverlight application to use an external config file.
2) Authoring your installer to update that config file. In this case of WiX, it's the XmlConfig element in the Util extension.
The reasons for doing it this way is to have a highly reliable installer. If you write custom actions to extract, edit and compress the XAP you'll invalidate digital signatures and introduce complexity and fragility to your deployment process. Avoiding the temptation to do all this and just use XmlConfig gives you a robust, declarative installation that fully supports the Windows Installer rollback story.