On 10/2/2019 12:33 PM, Sverre Moe wrote:
ons. 2. okt. 2019 kl. 16:07 skrev Alexey Semenyuk
<alexey.semen...@oracle.com <mailto:alexey.semen...@oracle.com>>:
Hi Sverre,
Thank you for doing this research. I don't think we should complicate
jpackage by adding signing steps in it.
However we can add a call to custom script after msi is
constructed but
before it get embedded in exe installer.
This script can sign msi.
We already support call of custom script from resource dir before
building msi. Just need to add another call.
- Alexey
I can certainly use the custom application-post-image.wsf to sign the
application image executable. However I don't think it would be easy
considering that this executable is left read-only by jpackage.
I didn't mean to sign application image executable. This opportunity is
already available.
I meant we can add to jpackage functionality to call custom script after
msi is created but before it get embedded in exe installer.
Exe installer produced by jpackage is just a container for msi
installer. Before msi will be put in the container there will be an
opportunity to modify (sign) the msi.
Currently the steps to create exe installer are:
1.1 Create app image
1.2 Call application-post-image.wsf if available
2. Create msi from app image
3. Create exe from msi
It will be changed to:
1.1 Create app image
1.2 Call application-post-image.wsf if available
2.1 Create msi from app image
2.2 Call application-post-msi.wsf if available
3. Create exe from msi
- Alexey
When it comes to signing the MSI and EXE installers, that can be done
after running jpackage with a Gradle Exec task.
/Sverre
