How to automate the process of creating multiple projects including digitally signing exe in Delphi?
After creating a project team of 2 projects with Delphi (2009), I sign the digit 2 exes with the InstallAware exe code signing supplied with Delphi 2009.
How can a digital signature be automated so when building I can add a digital signature as well.
For digital signing I use pvk file (private key) and spc certificate file (Publisher Sw).
Subquestion: Also, I created a project group because I have 2 exes, but they are almost the same, the only thing that changes is the app icon and app name (one is ProductOne.dpr, the other is ProductTwo.dpr).
In practice, I have 2 brands of the same product, I have one assembly, but the activated keys activate one or the other, in any case I was asked to change the icon and file name, and for this I need to build 2 projects, the activation key is not enough to distinguish 2. Anyway, if there is a way to do it from one project, it would be better.
a source to share
In the first part:
We code our executables using a FinalBuilder script, but the same can be achieved using the command line:
signtool sign /f cert-file.pfx /p pwd /d "MyApp description" /du "http://www.your-url-here.com/" /t "http://timestamp.globalsign.com/timstamp.dll" MyApp.exe
signtool comes from the MS Windows SDK and can also work with certificates from the local computer's certificate store. See the linked document page for small changes needed for different forms of certificate.
I would suggest that this can be added to events after building your project. Then it will run every time you do a full build.
Not sure about the second question - although I'd rather use a third party tool like FinalBuilder (again) to manage icon / resource replacement etc. and do the actual assembly.
a source to share
For signing my exe I am using "signtool" and you already have the command line to sign your exe from shunty.
To change the exe icon I am using "ResHacker.exe": it is a small free application that can be automated from the command line, so it can be used with any build automation software. Here's a command line example:
"C:\Path\ResHacker.exe" -modify "D:\PathToExe\ExeName.exe", "D:\PathToExe\ExeName.exe", "C:\PathToIco\IcoName.ico", ICONGROUP, MAINICON,
Don't omit any comma!
This works great. For automation, I use FinalBUilder and I generate 4 (four) versions of one application from one script, rebuilding each time, so I can use different compiler directives, then I change the icon to a version set, signing everything, building installations, signing settings, archiving installations and finally uploading my settings to my "beta" website (not our official website, another website that only a few people know about)
a source to share
I would use Visual Build Pro from Kinook (I think this is an SO advertiser) to automate compilation and signing. It can sign directly, no need for SignTool.
Part2 sounds good to ResHacker , which can be used to replace resources in an application. This must be done before signing.
a source to share