首頁 探索 說明
登入
pascal
/
innosetup
镜像来自 https://github.com/jrsoftware/issrc.git
2
0
複刻 0
Files 問題管理 0 Wiki
瀏覽代碼

Tweak.

Martijn Laan 9 年之前
父節點
884d84b014
當前提交
50db9fe8e9
共有 2 個文件被更改,包括 2 次插入2 次删除
分割檢視 顯示文件統計
  1. 1 1
      ishelp/isetup.xml
  2. 1 1
      whatsnew.htm

+ 1 - 1
ishelp/isetup.xml
查看文件 

@@ -4945,7 +4945,7 @@ SignTool=byparam signtool.exe sign /a /n $qMy Common Name$q /t http://timestamp.
 
 <pre>

 [Setup]

 SignTool=mycustom sign /a /n $qMy Common Name$q /fd sha1 /t http://timestamp.comodoca.com/authenticode /d $qMy Program$q $f

-;the /as parameter in the following SignTool requires a recent signtool.exe version

+;the /as parameter in the following SignTool requires a recent signtool.exe version and a SHA256 (SHA-2) certificate

 SignTool=mycustom sign /a /n $qMy Common Name$q /as /fd sha256 /td sha256 /tr http://timestamp.comodoca.com/rfc3161 /d $qMy Program$q $f

 </pre>

 <p>Note: for security reasons you should give a unique name to any Sign Tool set to <tt>$p</tt>, and not use a <tt>byparam</tt> name copied from this example. Consider what happens if you #include a third-party file that says:</p>

+ 1 - 1
whatsnew.htm
查看文件 

@@ -28,7 +28,7 @@ For conditions of distribution and use, see <a href="http://www.jrsoftware.org/f
 
 

 <p><a name="5.5.8"></a><span class="ver">5.5.8 </span><span class="date">(2016-01-13)</span></p>

 <ul>

-<li>The [Setup] section may now list multiple <tt>SignTool</tt> directives which will be executed in order of appearance. This can be used to dual sign (SHA1 &amp; SHA256) Setup and Uninstall. This requires a recent signtool.exe version. Inno Setup's own installer is now also dual signed. See the help file for a <a href="http://www.jrsoftware.org/ishelp/index.php?topic=setup_signtool">dual sign example</a>. <b>Without dual signing Windows will no longer trust any of your new installers if they are downloaded</b>. See <a href="http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx">http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx</a> for more information.</li>

+<li>The [Setup] section may now list multiple <tt>SignTool</tt> directives which will be executed in order of appearance. This can be used to dual sign (SHA1 &amp; SHA256) Setup and Uninstall. This requires a recent signtool.exe version and a SHA256 (SHA-2) certificate. Inno Setup's own installer is now also dual signed. See the help file for a <a href="http://www.jrsoftware.org/ishelp/index.php?topic=setup_signtool">dual sign example</a>. <b>Without dual signing Windows will no longer trust any of your new installers if they are downloaded</b>. See <a href="http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx">http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx</a> for more information.</li>

 <li>The console-mode compiler (ISCC) now accepts multiple /S command line parameters (to specify a Sign Tool) instead of ignoring all but the last.</li>

 </ul>