|
|
|
mocola
Posts: 9
Joined: 2014-03-08
|
I have a code signing issue, which is already discussed here:
https://www.add-in-express.com/forum/read.php?FID=5&TID=16081
The Code Signing option of Add-In Express (9.5.4661.0) lets me sign the files (app.dll, loader*.dll) with both SHA1 and SHA256 including the timestamps for both. However, this results in Error Code 0x8009210d (adxloader.log). It seems to be related to the signature in the adxloader.dll.manifest and as stated in https://www.add-in-express.com/forum/read.php?PAGEN_1=2&FID=5&TID=15498#nav_start Visual Studio 2019 is not able to sign with SHA1.
The work around is to disable the Code Signing and use adxpatch.exe to manually sign the files. I only sign the adxloader.dll.manifest (in /bin/Release) and it signs all releated files automatically. DLLs are signed with SHA256 and the adxloader.dll.manifest holds an SHA1 signature. If I copy these files to my Outlook Addin installation folder, the Addin is loaded properly and all is working fine.
BUT here comes the issue:
How do I get these manually signed files into the MSI package? I use the Visual Studio Installer generated by Addin-Express. But when I build the installer, all signatures got lost! I tried a lot of things but currently I am out of idea.
Please advise, its really urgent. Thanks a lot!
Regards,
Sebastian |
|
|
Posted 15 Jul, 2021 12:48:54
|
|
Top
|
|
|
mocola
Posts: 9
Joined: 2014-03-08
|
I also tried PreBuildEvent and PostBuildEvent in the installer - no luck, the signature are gone. Furthermore, I tried to sign the files in the folder "Loader" which will be copied during the build. Setting the files to "read only" so that they will not be modified, did not work either (Error during build due to write protection).
In https://www.add-in-express.com/forum/read.php?FID=5&TID=16179&MID=83879 someone suggested to switch to WiX installer. To be honest, this would be a lot of work and also needs tests on different platforms, that this is not an option for us. I generated a WiX setup project using Add-In Express. However, the build of the Wix (v3.11.2) projects failed due to missing MSI Build Utilities. I did not follow up on that.
A dirty solution might be to replace the files within the MSI directly until there is a viable solution for this issue.
In https://www.add-in-express.com/forum/read.php?PAGEN_1=2&FID=5&TID=15498#nav_start from June 2019 you say: "As soon as we have a possibility to test EV certificates, we'll look for a solution. I'll send you a note once we have such a solution." Is there any news on this?
Regrads,
Sebastian |
|
|
Posted 15 Jul, 2021 17:15:23
|
|
Top
|
|
|
mocola
Posts: 9
Joined: 2014-03-08
|
I again spent several hours on it and finally I switched to Visual Studio 2017 again, which works (beside VS2017 <-> VS2019 related changes) like a charm. It would be nice, if you could fix the signing option (EV certs) for VS 2019 as this is just a fallback solution.
Futhermore I faced another issue:
I updated Addin-Express for VS2017 from version 9.4.4644 to 9.5.4661. After that I got a build error that AddinExpress.ToolbarControls.2005 could not be found.
I removed this entry from the .csproj:
<Reference Include="AddinExpress.ToolbarControls.2005, Version=9.4.4644.0, Culture=neutral, PublicKeyToken=16211aef6795d6cc, processorArchitecture=MSIL" />
After that the build was successful and the Outlook Addin is working. Could you confirm, if it is okay to just remove the reference from the .csproj file?
Regards,
Sebastian |
|
|
Posted 16 Jul, 2021 06:16:57
|
|
Top
|
|
|
Andrei Smolin
Add-in Express team
Posts: 18825
Joined: 2006-05-11
|
Hello Sebastian,
mocola writes:
How do I get these manually signed files into the MSI package? I use the Visual Studio Installer generated by Addin-Express. But when I build the installer, all signatures got lost!
The setup project generated be Add-in Express uses the add-in project's primary output while it should refer to the file that you sign. That would explain the digital signature missing on the add-in assembly.
As to the loader files, from what location the setup project gets them?
mocola writes:
I removed this entry from the .csproj:
Note the version of the assembly referenced. I'd try to replace it with AddinExpress.ToolbarControls.2005, Version=9.5.4661.
Alas, we didn't get a possibility to fix the EV Code Signing certificate issue so far.
Andrei Smolin
Add-in Express Team Leader |
|
|
Posted 16 Jul, 2021 08:25:20
|
|
Top
|
|
|
mocola
Posts: 9
Joined: 2014-03-08
|
Hello Andrei,
okay, but if it refers the files that I signed (manually), shouldn?Â?Ð?ét they be included? Maybe the signature gets removed due to the fact I disabled the Signing Option in Add-In Express (Disabled -> No Signature -> remove if any).
Regarding the AddinExpress.ToolbarControls.2005: If have seen it references the previous version of AddinExpress. Wondering why it has not been updated automatically. I can confirm this behavior for VS2019 and VS2017.
As it looks like, the reference is not used by the code which addresses Outlook 2007-2019. The build has no error and the Addin is working - at least on my test environments. But it is too late anyways, it has been deployed already. I hope it works out without the reference.
If I can help in getting the EV code signing fixed for VS2019, please let me know. This feature is inevitable for enterprise.
Regards,
Sebastian |
|
|
Posted 16 Jul, 2021 10:00:08
|
|
Top
|
|
|
Andrei Smolin
Add-in Express team
Posts: 18825
Joined: 2006-05-11
|
Hello Sebastian,
If the Signing Option is disabled, building the add-in project causes Add-in Express to copy non-signed loader files from {Add-in Express installation folder}\Redistributables to {your project}\Loader.
Sign the loaders in the PreBuiltEvent of your setup project. Make sure the setup project gets signed files from correct location. The Primary Output of your add-in project isn't signed in your scenario; don't use it in your setup project's File System.
mocola writes:
As it looks like, the reference is not used by the code which addresses Outlook 2007-2019.
Correct. It only works in Outlook 2000-2003.
Andrei Smolin
Add-in Express Team Leader |
|
|
Posted 19 Jul, 2021 03:02:17
|
|
Top
|
|
Forums
Topics
Search
Help
Login
Register