On Windows I digitally sign an .exe which I package up and also the created BitRock Windows installation image. At installation time Windows correctly identifies the authenticity of my installation image. However, when I later uninstall my product the uninstall image is not digitally signed. Is there a way I can sign the uninstall image too?

asked 15 Feb '12, 16:18

ColinBlake's gravatar image

accept rate: 0%

Creating a signed uninstaller is possible by first installing any project using your version of InstallBuilder, then copying the uninstall.exe file and signing it.

Next you can deploy your uninstaller along with your installation (for example naming it uninstall-signed.exe) and replace the uninstaller in <postUninstallerCreationActionList>. For example:


The code above will also delete the uninstall-signed.exe and remove it from list of files to uninstall.

The <wait> action prevents overwriting issues for cases such as antivirus or OS still keeping the uninstall.exe opened.


answered 16 Feb '12, 06:43

wojciechka's gravatar image

wojciechka ♦♦
accept rate: 26%

How about I just sign the uninstall.exe image which resides in C:\Program Files (x86)\BitRock InstallBuilder Professional 8.0.0. Will that work? Then I won't need the extra postInstaller commands.

(16 Feb '12, 13:54) ColinBlake

It is not possible. The uninstall.exe from InstallBuilder directory is not used in any of the installers created by InstallBuilder.

The uninstaller binary is generated dynamically at installation time from the original installer. The only option is to ship the binary in your installer and overwrite it after it is originally created.

(17 Feb '12, 06:33) wojciechka ♦♦

What is lost from the dynamically created uninstaller binary if I replace it with one from a different install? Are my pre/postUninstallationActionLists intact? Are the persistent variables (e.g. custom installation paths) still available from the new install?

(03 Oct '13, 08:50) Paul F

All of the actions and list of files are preserved - all of the metadata is stored in uninstall.dat and the binary is reading all information from that file.

(03 Oct '13, 09:38) wojciechka ♦♦

I've wondered about this myself and find the answer interesting. I understand that the uninstaller has to be generated, but the above approach doesn't lend itself to automation. So a way to generate just the uninstaller as a post-build step would be a nice future feature. It would be convenient not to do a full install on the build machine, so maybe a command line option for generated installers.... Thanks.


answered 07 Oct '13, 15:54

mattatoffleash's gravatar image

accept rate: 40%

Has there been any enhancement to the uninstaller signing workaround in version 15.9.0? If I have to use the workaround: Could I install once, sign the uninstaller and use it in future versions of the installer? What happens if I add/delete files to the installer? Or add/delete actions? Thanks!

(19 Oct '15, 11:11) danish1

We have still not merged the functionality to sign Windows uninstallers. If you use the workaround, you should not find issues adding actions or files to the uninstaller, as this information is stored in the uninstall.dat file.

(20 Oct '15, 07:26) alejandror ♦♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: 15 Feb '12, 16:18

Seen: 2,960 times

Last updated: 20 Oct '15, 07:26