Hello.
I'd like to create packages for software like MPLABX or the Arduino suite.
However, these programs install drivers that prevent silent installation.
Either it simply doesn't work, or the driver installation windows open on the computer.
Do you have any ideas on how to get around this problem?
Sébd
[SOLVED] Creating software packages with drivers
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
Hello,
it is possible to deploy drivers with pnputil.exe.
The "TrustedPublisher" must be added during installation to avoid the yellow warning displayed when launching pnputil.
If a red warning appears (unsigned drivers), it is not possible to deploy the drivers silently.
In this case, you must re-sign the drivers with your own certificate. Then add them as a TrustedPublisher.
Example of a package where I did this:
https://wapt.lesfourmisduweb.org/detail ... 1_all.wapt
Simon
it is possible to deploy drivers with pnputil.exe.
The "TrustedPublisher" must be added during installation to avoid the yellow warning displayed when launching pnputil.
If a red warning appears (unsigned drivers), it is not possible to deploy the drivers silently.
In this case, you must re-sign the drivers with your own certificate. Then add them as a TrustedPublisher.
Example of a package where I did this:
https://wapt.lesfourmisduweb.org/detail ... 1_all.wapt
Simon
Good morning.
Thanks to your example, I was able to create a working package.
However, I had to install the kb2921916 patch for Windows 7 to get rid of the windows from one of the drivers.
No problems under Windows 10.
Thank you for your help 
Thanks to your example, I was able to create a working package.
However, I had to install the kb2921916 patch for Windows 7 to get rid of the windows from one of the drivers.
No problems under Windows 10.
Code: Select all
def install():
print('installing iutgeii-mplab-x-ide-v3.61')
currentpath = os.path.dirname(os.path.realpath(__file__))
if windows_version() < Version('6.2.0'):
run_notfatal(r'C:\Windows\System32\wusa.exe %s\Windows6.1-KB2921916-x64.msu /quiet' % currentpath)
run(r'C:\Windows\System32\certutil.exe -addstore "TrustedPublisher" %s\mplabx361.cer' % currentpath)
run(r'C:\Windows\System32\certutil.exe -addstore "TrustedPublisher" %s\mplabx361-2.cer' % currentpath)
run(r'C:\Windows\System32\certutil.exe -addstore "TrustedPublisher" %s\mplaxusb361-1.cer' % currentpath)
run(r'C:\Windows\System32\certutil.exe -addstore "TrustedPublisher" %s\mplaxusb361-2.cer' % currentpath)
run_notfatal(r'%s\x64\dpinst_x64.exe /S /F' % currentpath)
time.sleep(4)
run(r'MPLABX-v3.61-windows-installer.exe --mode unattended')
remove_desktop_shortcut('MPLAB X IDE v3.61.lnk')
remove_desktop_shortcut('MPLAB driver switcher.lnk')
remove_desktop_shortcut('MPLAB IPE v3.61.lnk')
How did you create the "smp.cer" file?sfonteneau wrote: ↑June 20, 2017 - 11:57 PM Hello,
It is possible to deploy drivers with pnputil.exe.
The "TrustedPublisher" must be added during installation to avoid displaying the (yellow) warning when launching pnputil.
If a red warning is displayed (unsigned drivers), it is not possible to deploy the drivers silently.
In this case, you must re-sign the drivers with your own certificate. Then add them as a TrustedPublisher.
Example of a package where I did it:
https://wapt.lesfourmisduweb.org/detail ... 1_all.wapt
Simon
-
dcardon
- WAPT Expert
- Messages: 1932
- Registration: June 18, 2014 - 09:58
- Location: Saint Sébastien sur Loire
- Contact :
Hello Gaelds,
Sincerely,
Denis
It's a standard certificate with a code-signing option. You can create a certificate authority with OpenSSL, deploy it to your network using the package Simon provided, generate a code-signing certificate from this authority, and then sign it with your drivers.gaelds wrote: ↑Oct 18, 2018 - 11:36How did you create the "smp.cer" file?sfonteneau wrote: ↑June 20, 2017 - 11:57 PM Hello
...
In this case, you need to re-sign the driver with your own certificate. Then add it as a TrustedPublisher.
Sincerely,
Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Sorry, but I didn't understand that answer. Are there procedures online for creating this type of certificate? And how is the trusted.reg file, which is added to the registry before pnputil in Simon's package, created?dcardon wrote: ↑Oct 20, 2018 - 10:11 It's a standard certificate with a code-signing option. You can create a certificate authority with OpenSSL, push it to your network using the package Simon mentioned, generate a code-signing certificate from that authority, and sign with your drivers.
Regards,
Denis
