Databases
StackOverflow2013
Postsdbo
POHow to find WiX RemotePayload's CertificatePublicKey hash
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHow to find WiX RemotePayload's CertificatePublicKey hash
    primarykey
    data
    text
    <p>I'm trying to resolve WiX RemotePayload hashes, but I'm not sure how the <code>CertificatePublicKey</code> attribute is found.</p> <p>Take, for example, the .NET 4.0 Package definition from WiX 3.6 sources:</p> <pre><code> &lt;Fragment&gt; &lt;util:RegistrySearchRef Id="NETFRAMEWORK40"/&gt; &lt;WixVariable Id="WixMbaPrereqPackageId" Value="NetFx40Redist" /&gt; &lt;WixVariable Id="WixMbaPrereqLicenseUrl" Value="$(var.NetFx40EulaLink)" /&gt; &lt;PackageGroup Id="NetFx40Redist"&gt; &lt;ExePackage InstallCommand="/q /norestart /ChainingPackage &amp;quot;[WixBundleName]&amp;quot;" RepairCommand="/q /norestart /repair /ChainingPackage &amp;quot;[WixBundleName]&amp;quot;" UninstallCommand="/uninstall /q /norestart /ChainingPackage &amp;quot;[WixBundleName]&amp;quot;" PerMachine="yes" DetectCondition="NETFRAMEWORK40" Id="NetFx40Redist" Vital="yes" Permanent="yes" Protocol="netfx4" DownloadUrl="$(var.NetFx40RedistLink)" Compressed="no" Name="redist\dotNetFx40_Full_x86_x64.exe"&gt; &lt;RemotePayload Size="50449456" Version="4.0.30319.1" ProductName="Microsoft .NET Framework 4" Description="Microsoft .NET Framework 4 Setup" CertificatePublicKey="672605E36DD71EC6B8325B91C5FE6971390CB6B6" CertificateThumbprint="9617094A1CFB59AE7C1F7DFDB6739E4E7C40508F" Hash="58DA3D74DB353AAD03588CBB5CEA8234166D8B99"/&gt; &lt;/ExePackage&gt; &lt;/PackageGroup&gt; &lt;/Fragment&gt; </code></pre> <p>From <strong>wix36-sources\src\ext\NetFxExtension\wixlib\NetFx4.wxs</strong></p> <p>I can find the sha1 <code>Hash</code> with <code>fciv -sha1 dotNetFx40_Full_x86_x64.exe</code>...</p> <blockquote> <p>58da3d74db353aad03588cbb5cea8234166d8b99 dotnetfx40_full_x86_x64.exe</p> </blockquote> <p>I can find a matching <code>CertificateThumbprint</code> easily through the properties dialog for the file, or using <code>signtool</code> which displays the following output</p> <pre><code>C:\redist&gt;signtool verify /v /ph dotNetFx40_Full_x86_x64.exe Verifying: dotNetFx40_Full_x86_x64.exe Signature Index: 0 (Primary Signature) Hash of file (sha1): 8E8582D10521962F45F33935C38A2412C4F2D4C7 Signing Certificate Chain: Issued to: Microsoft Root Authority Issued by: Microsoft Root Authority Expires: Thu Dec 31 03:00:00 2020 SHA1 hash: A43489159A520F0D93D032CCAF37E7FE20A8B419 Issued to: Microsoft Code Signing PCA Issued by: Microsoft Root Authority Expires: Sat Aug 25 03:00:00 2012 SHA1 hash: 3036E3B25B88A55B86FC90E6E9EAAD5081445166 Issued to: Microsoft Corporation Issued by: Microsoft Code Signing PCA Expires: Mon Mar 07 18:40:29 2011 SHA1 hash: 9617094A1CFB59AE7C1F7DFDB6739E4E7C40508F The signature is timestamped: Thu Mar 18 21:13:46 2010 Timestamp Verified by: Issued to: Microsoft Root Authority Issued by: Microsoft Root Authority Expires: Thu Dec 31 03:00:00 2020 SHA1 hash: A43489159A520F0D93D032CCAF37E7FE20A8B419 Issued to: Microsoft Timestamping PCA Issued by: Microsoft Root Authority Expires: Sun Sep 15 03:00:00 2019 SHA1 hash: 3EA99A60058275E0ED83B892A909449F8C33B245 Issued to: Microsoft Time-Stamp Service Issued by: Microsoft Timestamping PCA Expires: Thu Jul 25 15:11:15 2013 SHA1 hash: 4D6F357F0E6434DA97B1AFC540FB6FDD0E85A89F SignTool Error: The signing certificate is not valid for the requested usage. This error sometimes means that you are using the wrong verification policy. Consider using the /pa option. Number of files successfully Verified: 0 Number of warnings: 0 Number of errors: 1 </code></pre> <p>What tool can provide the hash for <code>CertificatePublicKey</code>?</p> <p><strong>edit:</strong> Without using heat, I want to understand where the hashes come from.</p> <p><strong>edit:</strong> I'm aware of how this is done in WiX source code and that I can execute<br> <code>heat payload file -out file.wxs</code>, but I'm looking for some external tool which can provide the expected hash(es) without using heat. This is really only to sate my curiosity.</p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. USJim Schubert
    1. USJim Schubert
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    2. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POHow to find WiX RemotePayload's CertificatePublicKey hash
      1. USJim Schubert
      1. VTBountyStart
    2. VO
      singulars
      1. POHow to find WiX RemotePayload's CertificatePublicKey hash
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. POHow to find WiX RemotePayload's CertificatePublicKey hash
      1. This table or related slice is empty.
      1. VTBountyClose
    1. COWhere is the CertificateThumbprint in the above?
      singulars
      1. POHow to find WiX RemotePayload's CertificatePublicKey hash
      1. USDaveO
    2. CO@DaveO it is the last SHA1 hash for the Signing Certificate Chain.
      singulars
      1. POHow to find WiX RemotePayload's CertificatePublicKey hash
      1. USJim Schubert
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload