[Distutils] How to sign a exe created with bdist_wininst?

Brian Cole coleb at eyesopen.com
Fri Apr 17 17:29:02 CEST 2015

We've recently converted over to using bdist_wininst for creating our Windows .exe installers for our libraries. Unfortunately, whenever we use the Windows signtool utility to cryptographically sign our installer it appears to corrupt the .exe and it can't be run anymore. The error message thrown by Windows is "Setup program invalid or damaged".

My best guess at this point is that bdist_wininst is creating a checksum of the file somehow and signtool is altering the file in such a way to invalidate that checksum. The commands we're using at this point is like this:

python3.4.exe setup.py bdist_wininst --target-version 3.4 --bitmap OurLogo --title OurTitle-OurVersion
cp DistUtilsSetupFileName.exe OurSetupFileName.exe
call "C:\program Files (x86)\Microsoft Visual Studio 9.0\Common7\Tools\vsvars32.bat"
signtool sign /n OurCompany  /t http://timestamp.verisign.com/scripts/timstamp.dll /d OurProject /du OurWebsite OurSetupFileName.exe

Anyone know of a way to cryptographically sign an .exe installer from bdist_wininst?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20150417/b6645f7d/attachment-0001.html>

More information about the Distutils-SIG mailing list