The PFX file includes the complete certificate chain. (The PFX file actually includes 3 certificates including an updated root cert for Verisign.) Thus all of the embedded certificates need to be installed. When I use the IISAdmin tool to import the file (Website properties->Directory Security Tab->Server Certificate), it automatically installs all of the certificate to the appropriate stores.
Will Wix3 handle this? If not should I request a feature enhancement? -----Original Message----- From: Rob Mensching [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2008 1:58 PM To: General discussion for Windows Installer XML toolset. Subject: Re: [WiX-users] How do I install an SSL certificate? Import the PFX on to your machine, then export only the certificate you want in a PFX you ship? -----Original Message----- From: Bjerstedt, Tony [Audatex - Americas] [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2008 10:48 To: wix-users@lists.sourceforge.net Subject: Re: [WiX-users] How do I install an SSL certificate? Ok, more information. I took a look at the source for the certificate install code (gotta love open source). The PFX file (binary stream) is passed as a BLOB. The install code decrypts it and installs the first and only the first certificate in the file. (This results in the intermediate certificate being installed to the wrong location (LocalMachine/My) instead of (LocalMachine\Intermediate) and the actual certifacte being completely ignored. Any suggestions on how to make this work? -----Original Message----- From: Bjerstedt, Tony [Audatex - Americas] Sent: Tuesday, October 07, 2008 8:33 AM To: wix-users@lists.sourceforge.net Subject: [WiX-users] How do I install an SSL certificate? Does anybody out there have an EXAMPLE of installing a certificate to enable SSL for a website? The PFX file from Verisign contains 2 certificates, the actual certificate and an intermediate chain and when I try to install it, the wrong certificate is installed and associated with the web site. And Google has not found an actual example of using the <Certificate> element. I am running WiX 2.0.5805.0 (too late in cycle to upgrade). Fragment looks like <Directory Id="WEBROOT" Name="SVCSHOL" LongName="Ecom.hollandersolutions.com"> <!-- Create the folder and website --> <Component Id="C_WebRootDir" Guid="3D7423CA-0498-4B7E-B4EE-7868E265DBE9" KeyPath="yes"> <CreateFolder/> <WebAppPool Id="EcomHollanderPool" Name="EcomHollanderPool" RecycleMinutes="1740" IdleTimeout="20" QueueLimit="1000" MaxWorkerProcesses="1"/> <WebSite Id="EcomWebWebsite" Description="Ecom.hollandersolutions.com" Directory="WEBROOT" DirProperties="MainWebDir" ConfigureIfExists="yes" StartOnInstall="yes" AutoStart="yes" WebLog="SvcWebLog"> <WebAddress Id="EcomWebWebAddr" IP="[IPADDR]" Port="[HTTPPORT]" Secure="no"/> <WebAddress Id="EcomWebSslAddr" IP="[IPADDR]" Port="443" Secure="yes"/> <WebApplication Id="EcomWebWebAppl" Name="EcomWeb Applications" WebAppPool="EcomHollanderPool"/> <CertificateRef Id="SSLCertificate"/> </WebSite> </Component> ... <Component Id="C_SSL_Certificate" Guid="6432FBE2-2F91-4243-8817-8E2367FEB164" KeyPath="yes"> <Certificate Id="SSLCertificate" BinaryKey="SSLCertificate" Request="no" Name="ecom.hollandersolutions.com" StoreLocation="localMachine" StoreName="personal" PFXPassword="********"/> </Component> ... <Binary Id="SSLCertificate" SourceFile="Binaries\ecom.hollandersolutions.com.pfx"/> The PFX was created by building the certificate from the components supplied by Verisign and exporting it. Do I need to have multiple certificate entries for the PFX file? If so how do I reference the second certificate. I tried using the Request="yes" option and the install fails with: InstallCertificates: Error 0x80004001: Installing certificates by requesting them from a certificate authority is not currently supported Any help would be greatly appreciated. Tony Bjerstedt Software Engineer Hollander, a Solera Company 14800 28th Ave N., Suite 190 Plymouth, MN 55447 Direct: (763)519-3235 Email: [EMAIL PROTECTED] www.hollandersolutions.com <http://www.hollandersolutions.com> ------------------------------------------------------------------------ - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users ------------------------------------------------------------------------ - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users ------------------------------------------------------------------------ - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
