I followed the instructions given in this link http://support.microsoft.com/kb/167158 for packing my ActiveX control. It works fine in my development machine. When it is accessed in some other machine it gives the following error "Windows Has blocked this software because it cant verify the publisher". I have used a test certificate to sign my control and the testing machine is Windows 7 with IE 9.
Problem Fixed:
I have to sign my .ocx file other than my cab file and build the control with MFC dlls statically linked. That helped me to fix the issue.
You have some options:
Sign the CAB
Add your site to trusted site or change your browser settings
Here some links about signing the CAB:
http://msdn.microsoft.com/en-us/library/ms537364(v=vs.85).aspx - Signing and Checking Code with Authenticode
http://www.top20toolbar.com/misc/codesigncert.htm - Article about how to sign ActiveX for free
you can also try to install the activeX with non-admin rights (Only for vista and Windows 7) http://msdn.microsoft.com/en-us/library/windows/desktop/aa369519(v=vs.85).aspx - Installing a Package with Elevated Privileges for a Non-Admin
What about Download unsigned ActiveX set to Enable:
if this is working then you need to check your sign and see it's ok,
Related
I have build an installer for my application with the QtIFW2.0.1 on Windows. As we offer the installer for download, I have signed the installer executable with a valid certificate. So our verified name shows up while the installation process ask for the needed access rights.
Nevertheless there is an unpleasant messagebox if the user uninstalls, updates or changes our application via the maintenancetool.exe.
How is it possible to extract the maintenancetool.exe, sign it and put it back in the installer executable?
Maintenancetool signing in Windows (QTIFW-667) is possible since Qt Installer Framework version 3.1.0 which was released April 11th 2019.
This is on Mac 10.8
I have written Google Chrome Extension and a Native Messaging executable which communicates with the Chrome Extension using Native Messaging. All works fine with my Proof of Concept as part of development.
Issue is that now I want to get it deployed.
I have my in house installer which by which I need to create a com.my_company.my_product.json manifest file inside of this /Library/Google/Chrome/NativeMessagingHosts directory which cannot be accessed unless I ask for the password of the admin user.
I am doing this port as part of migration of NPPlugin to Chrome Extension Native messaging communication which will replace the NPPlugin. NPPlugin can be accessed from both /Library as well as ~/Library which does not require sudo permissions.
Why does the manifest file need to be at root /Library level ad not user ~/library level? If so how can we get this installed on a Mac without bothering the user with admin password which the user will obviously be less likely to share.
If anyone has a solution, the Native Executable is a C++ program that can use Mac API calls.
Your understanding is correct. The Chromium team is investigating user directories as an additional option. Ensuring continuing security is the primary concern. I'll update this answer when there's more to report. (Update 6/1/2014: see Rob W.'s comment to this answer)
I have made a browser plugin and tried to deploy it from a .cab file in IE. And it's per-user install.
My problem is in Windows XP, The installation works well in different users. However, in Windows 7, when open the page including the .cab, the .cab file is downloaded and extracted, but when I click 'install' button, nothing happens.
Here's .inf file:
[version]
Signature="$CHICAGO$"
AdvancedINF=2.0
[Deployment]
InstallScope=user
[Setup Hooks]
hook1=hook1
[hook1]
run=%EXTRACT_DIR%\MyPlugin.exe
'MyPlugin.exe' is in the .cab file too.
Note that there's a [Deployment] segment in the code, I get it from MSDN, if delete this segment, it can install in Win7, but UAC popup and I need to enter admin password. But the browser plugin I made is for per-user, I think it should not need the admin privilege here.
UPDATE:
Now I find that IE doesn't request admin privilege only when browsing the page from intranet, otherwise, it will still request admin privilege if browsing from internet, so I doubt that IE will force using admin privilege to execute the hook to install .exe file.
If your %EXTRACT_DIR% is anywhere outside of \users\%user%\ or any subdirectories then it will require administrator password: ie. Programfiles.
You are probably not registering your plugin under HKEY_CURRENT_USER , for the deployment to work without the UAC popup popping out correctly on Windows 7. According to MSDN your plugin needs to be registered under HKEY_CURRENT_USER : On both Windows XP and Windows Vista, non-administrators are prevented from installing any ActiveX on their own. But now an **ActiveX registered under the HKEY_CURRENT_USER** hive is now fully supported by Internet Explorer within the context of a user's privilege level.
Recently I have been experimenting with Firebreath and developed a plugin in order to showcase my c++ projects on my portfolio website. I would like to make it easy for users to look at the projects without downloading files if they are new on my website.
The only issue I have at this point is that when users visit my page, they will receive a message indicating the plugin is missing. I would like to have an option for the users to automatically install my plugin without having to manually download and run it.
The plugin is mainly targetted at Windows users, since the applications are as well. I intend to support Google Chrome, Firefox, Internet Explorer. Currently I am using a MSI installer to install the plugin.
I have found a question similar to this, but I still needed to save the MSI installer and run it.
My question is: What would be the best way to implement this?
There isn't any way to "automatically" do what you want to do. The closest that I have heard of would be to use a java applet that would download and install the plugin for them. This can be pretty reliable on Mac but far less reliable on windows (for a number of reasons, among which the fact that many windows users don't have java installed and that Chrome blocks java applets by default without intervention by the user).
Other options include:
Creating a CAB file installer (only works on IE)
Creating a XPI firefox extension that packages the plugin (requires restarting the browser, only works on firefox)
Creating a CRX chrome extension that packages the plugin (only works on Chrome)
Microsoft ClickOnce used to work pretty well for one click installs of MSI files from a web page, but recently I think it doesn't work on many (if any) browsers; haven't seen it used in awhile, anyway.
There is no "automatic" way to install plugins; that would be considered a severe security issue. This is probably the #1 reason that plugins are as uncommon as they are.
do what adobe does,
create a tiny activeX application downloader, sign the activeX from with cheap SSL
when a user, enters your site, he will automatically be downloading this tiny ActiveX, after installation complete, inside the tiny ActiveX, have some type of batch script to download the EXE from remote server and silently install it.
adobe does this, on every reboot in boot.ini or startups
very easy
Windows web server 2008 R2 64 bit, CF9 64 bit, IIS7, ISAPI extensions and filters and II6 metabase compatability installed. OS is on C default, and trying to install CF to D:
Testing IIS and it shows index.html correctly from c:\inetpub\wwwroot at http://localhost/index.html
Then I install CF to D:\ , single standard server licence, select run with all IIS sites, select C:\inetpub\wwwroot as the web root for administrator, and when it gets to the bit where it is supposed to open up administrator to complete the installation it opens up the browser with a 500 error.
Now when I go back to http://localhost/index.html I also get a 500 error, if i uninstall CF I can again reach the html page.
CFIDE has been installed in C:\inetpub\wwwroot presumably correctly. Can anyone tell me where I'm going wrong please.
Update
The exact IIS error is
HTTP Error 500.0 - Internal Server Error
The page cannot be displayed because an internal server error has occurred.
Module IsapiModule
Notification ExecuteRequestHandler
Handler AboMapperCustom-28262
Error Code 0x800700c1
Requested URL http://127.0.0.1:80/test.htm
Physical Path C:\inetpub\wwwroot\test.htm
Logon Method Anonymous
Logon User Anonymous
Resolves as below
There is a setting Enable 32-Bit Applications under Application Pool>Advanced settings. Set this to True and you will gain access to your CFIDE>Administrator page.
I would suggest first trying a restart. It is one of those things that after the fact sounds so obvious, but you never think of it. I know I have had problems with installing CF under IIS and had to restart the server to get it running.
I'm humiliated to admit it, but the problem was that what I thought was the cf9 64 bit installer, was the 32 bit one.
# Dave and # CfSimplicity many thanks for your help and in particular the IIS user account stuff was new learning for me.
Try checking the file system permissions for this folder:
D:\ColdFusion9\runtime\lib\wsconfig
The account that IIS uses needs Read, Execute and Modify permissions on this folder and below.
It might be because of two problems.
1) you haven't installed CGI, ISAPI extensions and ISAPI filters aren't installed yet in Web Server (IIS) of Server manager.
Window 2008 R2 with Coldfusion
2) you need to enable 32 bit application at IIS7.
Internal 500 error CF9 on Window 2008
I tried a different approach with my Windows 7 Home Premium - See http://coldfusioner.blogspot.com/2011/12/fix-number-1-installing-64-bit.html
It seems that I was successful by using the IIS Connector batch scripts manually and then to create a second default web site after installing the handlers. My article link above shows the steps I took - a very raw article and will likely be refined as I hear from others how they adapted my approach. The important thing is that this worked ;>) I hope it helps others...
The problem could be that your Application Pool that is part of your default website. It is possible to set it to run 32 bit applications. Try setting the Enable32bit to false in the defaultapppool of your IIS server, restart the app pool and your www service itself. Then try to use the ColdFusion wsconfig tool to add the IIS mapping. It should work even without the cf 9 updater 1 being installed on the server.
To avoid a 500 error when accessing the Administration console for the first time when installaing ColdFusion 9 on a Windows 2008 server with IIS 7.5 installed, include the "IIS_IUSRS" user group with "Full Control" to the \Lib\wsconfig folder in Enterprise server or \runtime\lib\wsconfig folder in Standard server. Before starting the ColdFusion install, make sure the "IIS 6 Management Compatibility" functions are installed, especially the "IIS 6 Metabase Compatibility" function.
Assuming that you use the default installation paths (C:\JRun4 for Enterprise or C:\ColdFusion9 for Standard), here is a step-by-step approach:
Begin the ColdFusion installer as an Administrator. At the completion of the initial installation process, but before accessing the online Administration console, do the following:
1.) At the Start Menu, select "Computer"
2.) In the Enterprise install, go to C:\JRun4\lib. For the Standard install, go to C:\ColdFusion9\runtime\lib.
3.) Right-click "wsconfig" and select "Properties" to open the wsconfig properties dialog box.
4.) Click the "Security" tab.
5.) Click "Edit" to change permissions for that folder.
6.) Click "Add..." to add a new user/group.
7.) Enter "IIS_IUSRS" in the Object name field and click OK to return to the Permissions dialog box.
8.) In the permissions dialog box, ensure that the "IIS_IUSRS" group is highlighted and click "Full Control" in the "Allow" column, then click "OK" to close the dialog box. Ensure that the permissions change will affect all files and folders under wsconfig.
9.) Click "OK" to close the wsconfig properties box.
Return to the ColdFusion installer wizard and continue the installation by clicking the open ColdFusion Administrator link. If the settings are correct, after a minute or two, a web browser with the ColdFusion Administrator Console should appear so you can complete the installation.