2

I am installing my application in a fully offline environment. Our machines will be completely incapable of connecting to the internet during production scenarios.

I am writing a WiX Burn custom bootstrapper, and part of the reason was to install a Microsoft root certificate required for .NET 4.7.2 to install properly on Windows versions earlier than 8.1. My original plan was to use the .NET certificate namespace to do this, but aside from the warning that popped up saying not to, I realized that Burn runs at the current user's elevation level, which means that it would likely fail to install the certificate without acquiring elevated privileges first.

According to a Microsoft document regarding installing certificates for Visual Studio, the preferred way of doing this is to bundle a copy of of certmgr.exe with your program and call it to add the certificate to the root store.

Is it best practice or even possible at all to do this using an ExePackage element? As in, setting the element to call certmgr, set InstallCommand to /add MicRooCerAut2011_2011_03_22.cer /s /r localMachine root, PerMachine to True and let it rip? Or does ExePackage have some kind of special behavior?

sonicbhoc
  • 434
  • 3
  • 15
  • You can add a custom action to your msi package itself, have a look at this [thread](https://stackoverflow.com/questions/13478297/silently-install-root-certificate-in-wix) or at `Certificate` [element](https://wixtoolset.org/documentation/manual/v3/xsd/iis/certificate.html) – Pavel Anikhouski Nov 29 '19 at 20:12
  • I would, but this is a prerequisite to my MSI package. The certificate has to be installed before the prerequisite, which has to be installed before my package. Essentially, the certificate is a prerequisite to the prerequisite (which is an ExePackage). – sonicbhoc Nov 29 '19 at 20:15
  • 1
    Add another package in the right spot. – Bob Arnson Nov 30 '19 at 00:12
  • So the solution I hypothesized is correct? Use ExePackage to call certmgr.exe? – sonicbhoc Nov 30 '19 at 00:13

0 Answers0