Background
I am researching my work to determine if WiX is a viable alternative to InstallShield. Therefore, I tested every scenario that our work encountered so that WiX could handle them. However, I am puzzled by one problem. When the certificate expires, we will need to create a patch that includes the new certificate, and signed by the old certificate before its expiration, in order to ensure a smooth fix without prompting to increase administrator rights.
Problem
There is little documentation on how to do this on the Internet. I tried adding
<DigitalCertificate Id="MyNewCertificate" SourceFile="{PATH_TO_NEW_CERTIFICATE}"/>
to the PatchCertificates element in the wxs file to generate the MSI files, and then use the old and new MSI files to create the MSP file. When I open the .msp file with 7zip, I see that a new certificate is embedded in it. When I test it on a locked account, this patch was applied without an invitation to upgrade, but the next patch, which was signed with a new certificate, shows a hint with an elevation.
What i tried
I tried following the steps https://wyrdfish.wordpress.com/2012/07/20/writing-a-parallel-update/ to create a โparallelโ update, but make changes so that it works with PatchCreation, not Patch. I matched all attribute changes, but it still shows a prompt to the height.
Wyrdfish : " , , , , , ". http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Require-admin-rights-to-msp-td7586837.html, , . - , , .
/ac signtool.exe , .
? MSI , DigitalCertificate, MSP. - - ? ?