2

I have the following line in my Inno Setup script:

SignTool=MySign cmd /c C:\SigningTools\signtool.exe sign /f C:\MyCert.pfx /p MyPassword $f

This works on my local machine.

I then commit my changes to our server and Jenkins will compile and make a build automatically. Jenkins does not work and I get the following error. 

Error on line 43 in C:\Windows\TEMP\fxbundler8328922406343131203\images\win-exe.image\MyProgram.iss: Value of [Setup] section directive "SignTool" is invalid.
Compile aborted.

I have no idea what the issue is, I have tried numerous things but can't seem to figure it out. I would settle with learning some better options to output error messages with Inno Setup.

dwaddell
  • 1,446
  • 12
  • 22
  • Which user is running the jenkins or script on your windows machine? Maybe the user doesn't have the privilege to run cmd in an non interactive mode? You should give the user the permission to run local batch scripts and services with gpedit. – aw-think Aug 18 '15 at 05:56
  • @NwDx I am able to sign the launcher before the inno setup runs so I don't believe this is the issue either, the user does have permission to run signtool.exe. Thanks for the suggestion. – dwaddell Aug 18 '15 at 11:13
  • This is not the problem, the problem is, that Jenkins runs on your webserver and you try to call cmd.exe. Have a look here: http://stackoverflow.com/a/11613662/4170073 – aw-think Aug 18 '15 at 14:05

3 Answers3

0

You need to define the SignTool in your call to the compiler via the /s switch. Example: "/sMySign$q=sign_application.bat$q $f"

sign_application.bat receives the path of the file to sign as first parameter and calls signtool.exe as you've already tried.

Take a look here: http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdline

Wosi
  • 41,986
  • 17
  • 75
  • 82
  • 2
    Unfortunately that has not worked. I am not running Inno Setup through the cmdline so the /s isn't helping in this scenario. "he specified Sign Tool name and its command have to be defined in the compiler IDE (via the Tools | Configure Sign Tools... menu) or on the compiler command line (via the "/S" parameter), else an error will occur.", I am the first half of that or. Inno Setup is being trigged through a run of an ant script that call . – dwaddell Aug 17 '15 at 18:18
  • What is when you try to build it by command line over ant? https://ant.apache.org/faq.html#batch-shell-execute – Wosi Aug 17 '15 at 18:37
  • http://docs.oracle.com/javafx/2/deployment/self-contained-packaging.htm – dwaddell Aug 17 '15 at 18:45
  • What is this? Even the Ant sript makes a call to the inno compiler and passes several parameters to it. You can simply add the `/s` switch there. Or what does Ant do ìn order to create the setup.exe? – Wosi Aug 17 '15 at 19:10
  • Not when deploying a JavaFX application, something buried within the JavaFX deploy command calls inno setup when bundling as an exe. Thanks for your suggestion though, it was worth trying. – dwaddell Aug 18 '15 at 11:15
0

Do not forget to Configure Sign Tools in the Inno Setup Compiler. I simply added signtool $p string.

aleksv
  • 97
  • 1
  • 7
0

In my case, the certificate has expired.

I found the following article usefull: https://www.nextofwindows.com/how-to-check-a-pfx-certifications-expiry-date-on-windows

I opened a command prompt in the directory where my pfx file was and used this command to get details about the certificate:

certutil -dump "nameofcertfile.pfx"

Change nameofcertfile.pfx to your file name. You probably will be prompted for a password. Enter the password you used in your script (MyPassword in the OPs script). You may also copy/paste it.

NOTE: You will not see any character beeing typed while entering or pasting the password - so don't be confused.

kirschkern
  • 1,197
  • 10
  • 27