|
I'm back and working on this. It's my highest priority other than 2.2.7 and 2.4.9 releases.
My next steps will be roughly:
- Download unsigned specific nightly MSI and verify its behavior when downloaded via a browser - e.g. security dialogs, basic install.
- Get self signed cert for testing process without using prod cert.
- Manually sign the same MSI and re-verify download/install, make sure unsigned warnings/errors go away
- Set up automation with self signed cert for MCI to do signing if possible.
- May have to just integrate manual signing into release process if automating in build process isn't feasible
- Manually sign with prod cert and re-verify.
- Swap in prod cert for self signed cert
|