Home Explore Help
Sign In
pascal
/
innosetup
mirror of https://github.com/jrsoftware/issrc.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Clarify SignedUninstaller topic.

Martijn Laan 2 months ago
parent
e469e4382b
commit
eed3bfeb76
1 changed files with 9 additions and 4 deletions
Split View Show Diff Stats
  1. 9 4
      ISHelp/isetup.xml

+ 9 - 4
ISHelp/isetup.xml
View File 

@@ -6048,11 +6048,16 @@ ArchitecturesInstallIn64BitMode=x64compatible
 
 <setupdefault><tt>yes</tt> if a <link topic="setup_signtool">SignTool</link> is set, <tt>no</tt> otherwise</setupdefault>

 <body>

 <p>Specifies whether the uninstaller program (unins???.exe) should be deployed with a digital signature attached. When the uninstaller has a valid digital signature, users will not see an "unknown publisher" warning when launching it.</p>

-<p>The first time you compile a script with this directive set to <tt>yes</tt>, a uniquely-named copy of the uninstaller EXE file will be created in the directory specified by the <link topic="setup_signeduninstallerdir">SignedUninstallerDir</link> directive (which defaults to the <link topic="setup_outputdir">output directory</link>). Depending on the <link topic="setup_signtool">SignTool</link> setting, you will either then be prompted to attach a digital signature to this file using an external code-signing tool (such as Microsoft's <tt>signtool.exe</tt>) or the file will be automatically signed on the fly. On subsequent compiles, the signature from the file will be embedded into the compiled installations' uninstallers.</p>

-<p>Upgrading to a newer version of Inno Setup, or changing certain [Setup] section directives that affect the contents of the uninstaller EXE file (such as <link topic="setup_setupiconfile">SetupIconFile</link> and VersionInfo directives), will cause a new file to be created under a different name.</p>

-<p>If a file generated by this directive is deleted, it will be recreated automatically if necessary on the next compile.</p>

-<p>When the uninstaller has a digital signature, Setup will write the messages from the active language into a separate file (unins???.msg). It cannot embed the messages into the EXE file because doing so would invalidate the digital signature.</p>

 <p>When set to <tt>yes</tt>, any temporary self-copies used by Setup are digitally signed too.</p>

+<p>If the <link topic="setup_signtool">SignTool</link> directive is set, the file will be signed automatically on the fly. Otherwise:</p>

+<ul>

+  <li>The first time you compile a script with <tt>SignedUninstaller</tt> set to <tt>yes</tt>, a uniquely-named non-temporary copy of the uninstaller EXE file will be created in the directory specified by the <link topic="setup_signeduninstallerdir">SignedUninstallerDir</link> directive (which defaults to the <link topic="setup_outputdir">output directory</link>).</li>

+  <li>You will then be prompted to attach a digital signature to this file using an external code-signing tool (such as Microsoft's <tt>signtool.exe</tt>).</li>

+  <li>On subsequent compiles, the signature from the file will be embedded into the compiled installations' uninstallers, without prompting you.</li>

+  <li>If you delete the file, you will be prompted again if necessary on the next compile.</li>

+  <li>Upgrading to a newer version of Inno Setup, or changing certain [Setup] section directives that affect the contents of the uninstaller EXE file (such as <link topic="setup_setupiconfile">SetupIconFile</link> and VersionInfo directives), will cause a new file to be created under a different name.</li>

+</ul>

+<p>When the uninstaller has a digital signature, Setup will write the messages from the active language into a separate file (unins???.msg). It cannot embed the messages into the EXE file because doing so would invalidate the digital signature.</p>

 <p>Details on obtaining signing certificates and using code-signing tools are beyond the scope of this documentation.</p>

 </body>

 </setuptopic>