Installing Certificates using Wix (Windows Installer Xml / Voltive)

Installing Certificates using Wix (Windows Installer Xml / Voltive)

Wednesday 11 February 2009

I’ve been working with WiX ( wix.sourceforge.net ) for generating application installers over the past few weeks.

The project is rapidly evolving (if I recall, it was one of Microsofts first forays into open source development) but as a side effect finding up to date documentation can be a little taxing. The documentation is good and quite comprehensive, but often subtly incorrect or outdated.

Anyway, we have a few services at work that require certificates to be installed at install time into the Windows certificate store. Previously we had a couple of custiom actions designed to configure the user and store, but after a little investigation it appears like this functionality comes for free in the Wix toolkit.

It’s confusingly in the IIS extensions, which is a bit of a misnomer- it’s only in there because it was originally designed to install certificates for web servers, however it works perfectly for any certificate.

So how do you do it? In Wix3, ensure you first have a reference to WixIIsExtension.dll (in the default install, it’s in c:\Program Files\Windows Installer XML v3\bin) in your project if you’re using voltive, or manually linked if you’re building on the command line. The following example is of a fragment which installs two certificates, one as a Root certificate authority and another as a certificate in local machine.

<?xml version=“1.0” encoding=“utf-8”?> <Wix xmlns=“http://schemas.microsoft.com/wix/2006/wi” xmlns:iis=“http://schemas.microsoft.com/wix/IIsExtension”>

<Fragment> <Directory Id=“Directory_Certificates” Name=“Certificates”> <Component Id=“MyRootCert.cer” Guid=”*”> <File Id=“MyRootCert.cer” Name=“MyRootCert.cer” Source=”…\Path\To\MyRootCert.cer” />

<iis:Certificate Id=“Certificate.RootCA” Name=“MyRootCert.cer” Request=“no” StoreLocation=“localMachine” StoreName=“root” Overwrite=“yes” BinaryKey=“Certificate.RootCA.Binary” />

</Component> <Component Id=“RandomCert.p12” Guid=”*”> <File Id=“RandomCert.p12” Name=“RandomCert.p12” Source=”…\Path\To\RandomCert.p12” />

<iis:Certificate Id=“Certificate.MnpTestCertificate” Name=“RandomCert.p12” Request=“no” StoreLocation=“localMachine” StoreName=“personal” Overwrite=“yes” BinaryKey=“Certificate.RandomCert.Binary” PFXPassword=“myCertPassword_Optional” />

</Component> </Directory>

<Binary Id=“Certificate.RootCA.Binary” SourceFile=”…\Path\To\MyRootCert.cer” /> <Binary Id=“Certificate.RandomCert.Binary” SourceFile=”…\Path\To\RandomCert.p12” />

</Fragment>

<Fragment> <ComponentGroup Id=“Component.InstalledCertificates”> <ComponentRef Id=“MyRootCert.cer” /> <ComponentRef Id=“RandomCert.p12” /> </ComponentGroup> </Fragment>

</Wix>