Executable not being signed when using @electron-forge/maker-squirrel

[augustnmonteiro]

Pre-flight checklist

• [X] I have read the contribution documentation for this project.
• [X] I agree to follow the code of conduct that this project uses.
• [X] I have searched the issue tracker for a bug that matches the one I want to file, without success.

Electron Forge version

6.0.0-beta.65

Electron version

v19.0.7

Operating system

Windows 10

Last known working Electron Forge version

No response

Expected behavior

The .exe file should be signed with the certificate that was configured inside forge.config.js

Actual behavior

the .exe gets generated but it isn't signed

Steps to reproduce

Configure the certificate inside forge.config.js like:

    {
      name: "@electron-forge/maker-squirrel",
      config: {
        name: "myapp",
        certificateFile: "./certificate.pfx",
        certificatePassword: "password"
      }
    }

then run electron-forge make

Additional information

No response

[georgexu99]

Hello! Thank you for your issue.

what is the folder path of the exe that isn't being correctly signed? is the make command returning any errors? Lastly: can we check whether /path/to/app/out/make/squirrel.windows/x64/<setupName>.exe is signed (right-click->properties->Digital Signatures)

[carlos-labrador]

same here, the command does not return any errors but the executable is generated without signature (file properties)

[VerteDinde]

@carlos-labrador Could you please confirm whether you're using the executable @georgexu99 mentioned above (specifically the one in the make folder)?

[georgexu99]

@carlos-labrador

The expected behaviour is such that /path/to/app/out/make/squirrel.windows/x64/<setupName>.exe is signed.

In contrast, we do not expect /path/to/app/out/<appname>/<appname>.exe to be signed.

[carlos-labrador]

@carlos-labrador Could you please confirm whether you're using the executable @georgexu99 mentioned above (specifically the one in the make folder)?

@georgexu99 , yes the path looks exactly the same , this is mine:

C:\path\to\my-app\out\make\squirrel.windows\x64\my-app.exe

the workaround for this issue is like this: signtool sign /tr http://timestamp.sectigo.com /td sha256 /fd sha256 /a "my-app.exe"

How to reproduce ?

• basically , create a new project with this command: yarn create electron-app my-app --template=typescript-webpack

• add a certificate to the root folder eg: certificate.pfx from sectigo

• add those keys to package.json:

 "name": "@electron-forge/maker-squirrel",
         "config": {
           "name": "my-app",
           "certificateFile": "./certificate.pfx",
           "certificatePassword": ""
         }

• run yarn electron-forge make

[georgexu99]

can you upload the console logs when you run:

DEBUG=electron-windows-installer* yarn make in your my-app

[carlos-labrador]

Hi @georgexu99 , please check this log output:

$ set DEBUG='electron-windows-installer*';electron-forge make
Done in 0.09s.
PS C:\Users\carlos\Documents\electron-projects\my-app> yarn make
yarn run v1.22.19
$ set DEBUG='electron-windows-installer*'&& electron-forge make
✔ Checking your system
✔ Resolving Forge Config
We need to package your application before we can make it
✔ Preparing native dependencies
✔ Compiling Main Process Code
✔ Compiling Renderer Template
✔ Preparing to Package Application for arch: x64
✔ Preparing native dependencies
✔ Packaging Application
Making for the following targets: squirrel
✔ Making for target: squirrel - On platform: win32 - For arch: x64
Done in 54.39s.
PS C:\Users\carlos\Documents\electron-projects\my-app> $env:DEBUG='electron-windows-installer*';yarn make
yarn run v1.22.19
$ electron-forge make
✔ Checking your system
✔ Resolving Forge Config
We need to package your application before we can make it
✔ Preparing native dependencies
✔ Compiling Main Process Code
✔ Compiling Renderer Template
✔ Preparing to Package Application for arch: x64
✔ Preparing native dependencies
✔ Packaging Application
Making for the following targets: squirrel
⠋ Making for target: squirrel - On platform: win32 - For arch: x64  electron-windows-installer:main Created NuSpec file:
  electron-windows-installer:main <?xml version="1.0" encoding="utf-8"?>
  electron-windows-installer:main <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
  electron-windows-installer:main   <metadata>
  electron-windows-installer:main     <id>my_app</id>
  electron-windows-installer:main     <title>my-app</title>
  electron-windows-installer:main     <version>1.0.0</version>
  electron-windows-installer:main     <authors>Carlos Labrador</authors>
  electron-windows-installer:main     <owners>Carlos Labrador</owners>
  electron-windows-installer:main     <iconUrl>https://raw.githubusercontent.com/electron/electron/master/shell/browser/resources/win/electron.ico</iconUrl>
  electron-windows-installer:main     <requireLicenseAcceptance>false</requireLicenseAcceptance>
  electron-windows-installer:main     <description>My Electron application description</description>
  electron-windows-installer:main     <copyright>Copyright © 2022 Carlos Labrador</copyright>
  electron-windows-installer:main   </metadata>
  electron-windows-installer:main   <files>
  electron-windows-installer:main     <file src="locales\**" target="lib\net45\locales" />
  electron-windows-installer:main     <file src="resources\**" target="lib\net45\resources" />
  electron-windows-installer:main     <file src="*.bin" target="lib\net45" />
  electron-windows-installer:main     <file src="*.dll" target="lib\net45" />
  electron-windows-installer:main     <file src="*.pak" target="lib\net45" />
  electron-windows-installer:main     <file src="*.exe.config" target="lib\net45" />
  electron-windows-installer:main     <file src="*.exe.sig" target="lib\net45" />
  electron-windows-installer:main     <file src="icudtl.dat" target="lib\net45\icudtl.dat" />
  electron-windows-installer:main     <file src="Squirrel.exe" target="lib\net45\squirrel.exe" />
  electron-windows-installer:main     <file src="LICENSE" target="lib\net45\LICENSE" />
  electron-windows-installer:main     <file src="my-app.exe" target="lib\net45\my-app.exe" />
  electron-windows-installer:main 
  electron-windows-installer:main     <file src="vk_swiftshader_icd.json" target="lib\net45" />
  electron-windows-installer:main 
  electron-windows-installer:main   </files>
  electron-windows-installer:main </package>
  electron-windows-installer:main  +0ms
  electron-windows-installer:spawn Spawning C:\Users\carlos\Documents\electron-projects\my-app\node_modules\electron-winstaller\vendor\nuget.exe pack C:\Users\carlos\AppData\Local\Temp\si-2022914-59316-1igtq73.xt4hi\my_app.nuspec -BasePath C:\Users\carlos\Documents\electron-projects\my-app\out\my-app-win32-x64 -OutputDirectory C:\Users\carlos\AppData\Local\Temp\si-2022914-59316-1igtq73.xt4hi -NoDefaultExcludes +0ms        
⠹ Making for target: squirrel - On platform: win32 - For arch: x64  electron-windows-installer:main Attempting to build package from 'my_app.nuspec'.
  electron-windows-installer:main Successfully created package 'C:\Users\carlos\AppData\Local\Temp\si-2022914-59316-1igtq73.xt4hi\my_app.1.0.0.nupkg'.
  electron-windows-installer:main  +17s
  electron-windows-installer:spawn Spawning C:\Users\carlos\Documents\electron-projects\my-app\node_modules\electron-winstaller\vendor\Squirrel.exe --releasify C:\Users\carlos\AppData\Local\Temp\si-2022914-59316-1igtq73.xt4hi\my_app.1.0.0.nupkg --releaseDir C:\Users\carlos\Documents\electron-projects\my-app\out\make\squirrel.windows\x64 --loadingGif C:\Users\carlos\Documents\electron-projects\my-app\node_modules\electron-winstaller\resources\install-spinner.gif --no-msi +17s
⠧ Making for target: squirrel - On platform: win32 - For arch: x64  electron-windows-installer:main 
  electron-windows-installer:main  +26s
  electron-windows-installer:main Fixing up paths +1ms
  electron-windows-installer:main Renaming C:\Users\carlos\Documents\electron-projects\my-app\out\make\squirrel.windows\x64\Setup.exe => C:\Users\carlos\Documents\electron-projects\my-app\out\make\squirrel.windows\x64\my-app-1.0.0 Setup.exe +0ms
✔ Making for target: squirrel - On platform: win32 - For arch: x64
Done in 54.53s.

[georgexu99]

Hi Carlos, It looks like your script isn't spawning a process with the correct params

the process I'm referring to:

electron-windows-installer:spawn Spawning C:\Users\carlos\Documents\electron-projects\my-app\node_modules\electron-winstaller\vendor\Squirrel.exe --releasify C:\Users\carlos\AppData\Local\Temp\si-2022914-59316-1igtq73.xt4hi\my_app.1.0.0.nupkg --releaseDir C:\Users\carlos\Documents\electron-projects\my-app\out\make\squirrel.windows\x64 --loadingGif C:\Users\carlos\Documents\electron-projects\my-app\node_modules\electron-winstaller\resources\install-spinner.gif --no-msi +17s

It's missing this at the end.

--signWithParams /a /f "C:\Users\path\to\test-app\MyTestCertificate.pfx" /p "mypassword"

Please doublecheck your config! Under the maker-squirrel config, you should have certificateFile and certificatePassword fields, as shown in the Steps to reproduce section of OP's issue. Cheers!

[carlos-labrador]

Hi @georgexu99 ,

First thank you so much for your support and hard working.

I see what's the issue, sign command does not executed if there is not password in the emaker-squirrel config.

if you read my thread , I mentioned that I used this config.

 "name": "@electron-forge/maker-squirrel",
         "config": {
           "name": "my-app",
           "certificateFile": "./certificate.pfx",
           "certificatePassword": ""
         }

but adding a password into the mentioned configs the logs showed the sign command is executed. so, I guess I have to add a password in order to executed this command.

once again thanks a lot.

[georgexu99]

I see! Sorry, oversight by me, forgot about that part of your previous comment. Happy it was fixed!