I’m not sure why they can’t simplify the process of signing code. It seems that every time a release comes out, it takes a day or more to figure out. We use Verisign and have a current pfx file.

I have an application that runs as administrator, so I need to sign both the application as well as the installer. I managed to accomplish this once several months ago, and release. This release, I decided to simplify the process, and set up Visual Studios to automatically sign the required files, using Properties -> Signing for each project. Then I ran my script while building the installer as a PostBuildEvent to sign that.

I thought everything was going good, as the installer gave the company name. However, when I ran the application, “Unknown” was displayed in the UAC. I decided to go back to the way I was doing it before, building, signing the files, building the installer, and finally signing it. This had worked three months ago, but now I am still getting the “Unknown” issue in the UAC popup.

I did not add any new classes to the solution, so my signing scripts should still be valid. I cannot figure out what I may be doing wrong. Is there any good documentation on how to sign with Verisign or simple rules that should be followed? It seems like calling signtool.exe sign /f "Verisign.2012.pfx" /p myPassword "C:\...\Installer.msi" on all .exe and .dll files after building, then creating the installer and calling the same on the .exe and .msi file should ensure that everything is signed and I shouldn’t be seeing “Unknown.”

Is there anyone out there with more experience than I (I am sure several) who may see the gaping hole in my understanding, and set me on the correct path? Thank you.