我希望我的WIX安装程序能够安静地调用NETSH命令将自签名证书绑定到IP地址:port。
正在调用CAQuietExec,但NETSH命令失败。
MSI (s) (C4:84) [16:19:50:455]: Executing op: CustomActionSchedule(Action=customQtExecRtBindCertToPort,ActionType=3137,Source=BinaryData,Target=CAQuietExec,CustomActionData="netsh" http add sslcert ipport=0.0.0.0:8080 certhash=2B2C23C6B1334F886B9FFD827D64BDC072BBEFD7 appid={123456-7890-12345-4567-AAABBBCCCDDDFFFF})
MSI (s) (C4:8C) [16:19:50:457]: Invoking remote custom action. DLL: C:\Windows\Installer\MSI87DB.tmp, Entrypoint: CAQuietExec
MSI (s) (C4:78) [16:19:50:457]: Generating random cookie.
MSI (s) (C4:78) [16:19:50:458]: Created Custom Action Server with PID 2588 (0xA1C).
MSI (s) (C4:38) [16:19:50:477]: Running as a service.
MSI (s) (C4:38) [16:19:50:479]: Hello, I'm your 32bit Elevated custom action server.
CAQuietExec:
CAQuietExec: SSL Certificate add failed, Error: 1312
CAQuietExec: A specified logon session does not exist. It may already have been terminated.
指定的登录会话不存在。它可能已经被终止。
当我从命令shell运行完全相同的命令时,我成功了:
>SSL Certificate successfully added
我的代码非常简单:
<CustomAction
Id="customQtExecRtBindCertToPortData"
Property="customQtExecRtBindCertToPort"
Value=""netsh" http add sslcert ipport=0.0.0.0:[RT_PORT] certhash=[CERT_THUMBPRINT] appid={123456-7890-12345-4567-AAABBBCCCDDDFFFF}"
/>
<CustomAction
Id="customQtExecRtBindCertToPort"
BinaryKey="WixCA"
DllEntry="CAQuietExec"
Execute="deferred"
Return="ignore"
Impersonate="no"
/>
我尝试在Windows Server 2008 R2中使用提升的权限运行,但仍然会收到相同的日志输出。
答案 0 :(得分:2)
在尝试修改我的安装程序以调用自定义控制台应用程序时,相反,调用NETSH(以及其他一些任务),我得出了我认为的实际问题。
虽然我的CustomAction声明具有正确设置Execute =“deferred”和Impersonate =“no”的属性,但我认为当时的安装顺序没有在 InstallInitialize 和 InstallFinalize ,如此链接中所述:Installation change do not ask for UAC permissions。
使用UAC和所有有趣的东西部署到W2K12,带来了同样的错误,然后在将我的自定义操作安装程序序列设置为以下时,我能够克服已定义的问题。
<Custom
Action="customQtExecRTBindCertToPortData"
Before="InstallFinalize"
>
<![CDATA[NOT Installed AND CERTIFICATE_NEEDED = "TRUE" AND &featureServices = 3 ]]>
</Custom>
<Custom
Action="customQtExecRTBindCertToPort"
After="customQtExecRTBindCertToPortData"
>
<![CDATA[NOT Installed AND CERTIFICATE_NEEDED = "TRUE" AND &featureServices = 3 ]]>
</Custom>