Microsoft Trusted Code Signing (Friedrich) (it works!)

Lindersoft · February 8, 2025, 9:15am

Quick note: I have received quite a few questions with regard to the new “Redistributable Package Manager” in SetupBuilder 2025.

Yes, v2025 comes with new features to handle ASP.NET Core Runtimes, .NET Desktop Runtimes and .NET Runtimes.

BTW, we’ll make a Trusted Signing Redistributable Package (x64) available to automatically configure Trusted Signing for you.

Friedrich

ThaDaSoft · February 11, 2025, 10:47am

Any ETA for the SetupBuilder 2025? We would really like to switch to Trusted Signing but for now we renewed our certificate as ours expires next week.

Lindersoft · February 11, 2025, 11:51am

I think we already have a very stable SetupBuilder 2025 pre-release (including support for Windows 11 and Windows Server 2025). Trusted Signing works as expected, thumb drive (USB) certificates and Cloud certificates also work fine.

We are still working on the updated documentation and new Redistributables (.NET 9, etc.). Clarion 12 support is built-in, but still disabled.

We’ll make a public pre-release available very soon.

Friedrich

Lindersoft · March 4, 2025, 6:54pm

Here is a quick “How to configure and user Trusted Signing in SetupBuilder 2025”.

Trusted Signing in SetupBuilder 2025

Friedrich

Lindersoft · March 8, 2025, 4:44pm

I have added built-in support for Trusted Signing on both Windows x86 and x64. Our SignInstall runtimes automatically install and register the required files. This will be available in the next BETA build.

Thanks Charles for your help!!!

Friedrich

CarlosGtrz · March 8, 2025, 5:30pm

Hi Friedrich

I noticed you also posted a guide on signing with a certificate stored in a USB token by selecting it via its thumbprint.

It looks like that’s what I’ll use to sign with my certificate stored in a Yubikey.

I’m currently using this alternate signing tool that lets my pass the PIN code as a command line parameter.

Will I be able to configure SB 2025 to use this alternate signing tool and pass the PIN code?

Alternatively, can SB 2025 be set up to call a .bat/.cmd file to handle custom signing procedures?

Lindersoft · March 8, 2025, 11:47pm

Carlos,

You don’t need this alternate signing tool, because we have developed our own “eToken Autosign” technology.

A common problem with eTokens is having to enter the token password for every single signature.

Even if you are not using SafeNet, our autosign method handles it behind the scenes and allows code-signing automation with eTokens. The prompt to enter a PIN or password does not pop up with SetupBuilder 2025!

Friedrich

CarlosGtrz · March 8, 2025, 11:59pm

Is this “eToken Autosign” available in the current beta?

Lindersoft · March 9, 2025, 12:08am

No, it will be available in the next build. I think on Wednesday. I’ll post a “HowTo” for USB eTokens soon.

Friedrich

CarlosGtrz · March 9, 2025, 12:10am

Perfect, thanks a lot.

Lindersoft · March 9, 2025, 12:11am

You are very welcome! I’ll keep you posted.

Friedrich