Skip to content

Update WiX package dependency #36854

@joeloff

Description

@joeloff

Description: Some customers have strict CI policies around Device Guard. Even though WiX binaries are signed with the .NET Foundation authenticode certificates, the root certificate may not be in the allow list. Some customers do not want to add custom exclusions or install additional certificates on their machines.

To mitigate this, we've dual signed the WiX binaries with the Microsoft 3rd Party App SHA2 authenticode certificate in addition to the .NET Foundation SHA2

Impact: Installers that rely on built-in custom actions from WiX as well as some binaries that ship in the standalone bundles.

Risk: Low

Release: 6.0 RC2

Notes: This has been on tactics' radar for the last two weeks and already agreed to do this for RC2 so we have time to react to any issues before GA.

We have both a nupkg and .zip available. See dotnet/installer#12078 for an example. Note that the package ID have changed. The version tracks both the internal build and the WiX release so we can better manage rebuilds of the package or taking new releases from WiX.

Metadata

Metadata

Assignees

Labels

DoneThis issue has been fixedarea-infrastructureIncludes: MSBuild projects/targets, build scripts, CI, Installers and shared framework

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions