Can't execute a specific program via PHP to digitally sign a file -

-

i'm using iis 6.0 , php , i'm trying write php script automates process 1) create installer , 2) digitally sign installer. i've created batch file each individually. if go server , manually run batch files, both work perfectly. if run them via php, installer created never digitally signed. have confirmed that:

  1. all files referenced in batch files have full rights iusr_[computer-name] user.
  2. it not issue file not being created yet first batch file. can put created setup.exe file in folder , run second batch file via php same results.
  3. the batch file getting run. i've put mkdir command in same batch file after digital signing command , folder created.

the code use via php run batch files is:

system('cmd /c c:\\inetpub\\createinstallers\\step1.bat');

the create installer batch file looks this:

"c:\program files\inno setup 5\iscc.exe" c:\inetpub\createinstallers\createinstaller.iss

i'm using inno setup found here: http://www.jrsoftware.org/isinfo.php

the digital signing batch file looks this:

"c:\inetpub\createinstallers\digicertutil.exe" sign /noinput "c:\inetpub\createinstallers\setup.exe"

this done digicertutil.exe's command line feature explained here:

https://www.digicert.com/util/utility-code-signing-command-line.htm

as far can tell, absolutely nothing happens. don't believe there error messages (but little fuzzy on how check them). null returned if run digital sign command via shell_exec this:

    $result = shell_exec('"c:\\inetpub\\createinstaller\\digicertutil.exe" sign /noinput "c:\\inetpub\\createinstaller\\setup.exe"');     var_dump($result);

does have idea why might not working? permissions issue or security limitation?

i found underlining problem , answer. problem certificates imported in user's personal store on per user basis, when tried run digicertutil program via php, not find certificates because iusr did not have personal store certificate use. iusr temporary user , not have personal store. there might way put certificate machine's store, not find it.

instead, used psexec run program locally different user iusr account, this:

shell_exec('c:\\inetpub\\createinstallers\\psexec \\\\127.0.0.1 -accepteula -u myuser -p mypassword -i cmd.exe /c c:\\inetpub\\createinstallers\\digicertutil.exe sign /noinput c:\\inetpub\\createinstallers\\setup.exe');

no batch files required! easy run batch file different user though same methodology.


Comments

Post a Comment

Popular posts from this blog

google api - Incomplete response from Gmail API threads.list -

-
i plot number of emails in inbox on time using gmail api , i'm seeing lot of drop-outs, whatever reason i'm getting incomplete count of messages @ single time points. my plots here: https://plot.ly/~tdsmith/2 -- "drop-outs" i'm complaining trace shoots downwards , recovers previous level @ next timepoint. the code i'm using count emails here: https://github.com/tdsmith/gmail-plotly/blob/master/gmail-plotly.py#l47-l64 what can diagnose these faults?
Read more

Installing Android SQLite Asset Helper -

-
i need use ready made database. search solution on internet did not work until decided use mentioned library found here . however, found hard use library in installation procedures shallow beginners. i appreciate step step procedure on how use android studio. in struggle tried copying sources main/libs , adding line gradle did not work. use api 19 if helps. update here build.gradle // top-level build file can add configuration options common sub-projects/modules. buildscript { repositories { mavencentral() } dependencies { classpath 'com.android.tools.build:gradle:0.11.+' compile 'com.readystatesoftware.sqliteasset:sqliteassethelper:+' // note: not place application dependencies here; belong // in individual module build.gradle files } } allprojects { repositories { mavencentral() } } trying compile project error error:(9, 0) no signature of method: org.gradle.api.internal.artifacts
Read more

Qt Creator - Searching files with Locator including folder -

-
one quick question qtcreator : know possible use locator open files using "ctrl-k" shortcut. however, possible search files including locations? for example, let's want locate file named "main.cpp" in folder named "myfolder" , have lots of other main.cpp files. what should type locator in order open ? just type myfolder/main.cpp in locator
Read more