Installing Certificates using Wix (Windows Installer Xml / Voltive)

I’ve been working with WiX ( wix.sourceforge.net ) for generating application installers over the past few weeks.

The project is rapidly evolving (if I recall, it was one of Microsofts first forays into open source development) but as a side effect finding up to date documentation can be a little taxing. The documentation is good and quite comprehensive, but often subtly incorrect or outdated.

Anyway, we have a few services at work that require certificates to be installed at install time into the Windows certificate store. Previously we had a couple of custiom actions designed to configure the user and store, but after a little investigation it appears like this functionality comes for free in the Wix toolkit.

It’s confusingly in the IIS extensions, which is a bit of a misnomer- it’s only in there because it was originally designed to install certificates for web servers, however it works perfectly for any certificate.

So how do you do it? In Wix3, ensure you first have a reference to WixIIsExtension.dll (in the default install, it’s in c:\Program Files\Windows Installer XML v3\bin) in your project if you’re using voltive, or manually linked if you’re building on the command line. The following example is of a fragment which installs two certificates, one as a Root certificate authority and another as a certificate in local machine.

<?xml version=”1.0″ encoding=”utf-8″?>
<Wix xmlns=”http://schemas.microsoft.com/wix/2006/wi”
xmlns:iis=”http://schemas.microsoft.com/wix/IIsExtension”>

<Fragment>
<Directory Id=”Directory_Certificates” Name=”Certificates”>
<Component Id=”MyRootCert.cer” Guid=”*”>
<File Id=”MyRootCert.cer” Name=”MyRootCert.cer” Source=”..\..\Path\To\MyRootCert.cer” />

<iis:Certificate Id=”Certificate.RootCA”
Name=”MyRootCert.cer”
Request=”no”
StoreLocation=”localMachine”
StoreName=”root”
Overwrite=”yes”
BinaryKey=”Certificate.RootCA.Binary”
/>

</Component>
<Component Id=”RandomCert.p12″ Guid=”*”>
<File Id=”RandomCert.p12″ Name=”RandomCert.p12″ Source=”..\..\Path\To\RandomCert.p12″ />

<iis:Certificate Id=”Certificate.MnpTestCertificate”
Name=”RandomCert.p12″
Request=”no”
StoreLocation=”localMachine”
StoreName=”personal”
Overwrite=”yes”
BinaryKey=”Certificate.RandomCert.Binary”
PFXPassword=”myCertPassword_Optional”
/>

</Component>
</Directory>

<Binary Id=”Certificate.RootCA.Binary” SourceFile=”..\..\Path\To\MyRootCert.cer” />
<Binary Id=”Certificate.RandomCert.Binary” SourceFile=”..\..\Path\To\RandomCert.p12″ />

</Fragment>

<Fragment>
<ComponentGroup Id=”Component.InstalledCertificates”>
<ComponentRef Id=”MyRootCert.cer” />
<ComponentRef Id=”RandomCert.p12″ />
</ComponentGroup>
</Fragment>

</Wix>

4 Responses to “Installing Certificates using Wix (Windows Installer Xml / Voltive)”

  1. D-Dev Says:

    Hey, thank you for the post on this. I’ve been looking for this sample for over a week. Would you mind posting what your main Product.wxs file looks like for this install? I’m wanting to know how to properly link these in and finalize the package. We don’t really have an install directory need since we are just installing certs…so do you have the directories in there? Seeing the final wxs main product file should help answer our final questions.

    Thanks!

  2. » Installing certificates using WiX / Voltive (blog) - davidwhitney.co.uk Says:

    […] I’ve previously provided a code snippet illustrating how to use WiX (the “new” Win… […]

  3. Gyan Says:

    I got blinded after reading through this.

  4. Goshe Says:

    This sample save my life, after few unsuccessfull Custom Actions and 2 days spent for finding solution

Leave a Reply