That would be great, thanks in advance!
It’s called InnoSetup.
http://www.jrsoftware.org/isinfo.php
Possibly not the most user-friendly but it did the job.
Wooo, that seems to have done the trick. Will need to do some more testing to make sure it all installs fine but thanks!
I’d like to chip in with some advice since I’ve been developing Windows software for about 19 years.
If you’re going to create an install program, I highly recommend that you create a Windows standard “MSI” file. MSI files tend to be “future proof” and will work on future Windows versions in case Microsoft decides to make breaking changes such as changing directory locations (like they did on Vista), start menu handling, etc. MSI files are really just database files that have a file association to Microsoft’s “msiexec.exe” executable under the Windows directory. That’s the actual install program and Microsoft will always make sure that it does the appropriate thing under the Windows OS version you are running on and patch any bugs/issues it might have.
EXE install programs that attempt to do the same thing as Microsoft’s “msiexec.exe” are not future proof and their maintainers typically have to scramble to make it work on future OS versions if there are any breaking changes. But that said, Microsoft tends to avoid breaking changes to begin with (unlike Apple). So, this doesn’t happen too often.
Now, if the EXE you are generating is really just a self-extracting executable, then this is a non-issue because it’s not really installing the app. It’s merely extracting/unzipping the app’s files to the end-user’s chosen location. This is a perfectly reasonable solution too, with the only bummer being that you lose desktop and start menu shortcuts which you might want.
We have zero experience in regards to windows development, at least in the installer sense. Technically all I did was Windows dev before I started with Corona however that was just Uni and hobbyist things like XNA, never having to deal with installers and the like.
As the build from Corona is just an .exe with the resources and various .dlls, and it runs from there fine, I believe all we’ve made is a self extracting .exe so in theory we’re good?
If we were to go with MSI, are they any programs that you recommend?
I think a self extracting executable is fine. It keeps things simple. And the Win32 app that the Corona Simulator generates does not require you to install any 3rd party dependencies like .NET, Java, VC++ runtimes, etc. which allows you to distribute your app easily like this. All of the DLLs that your Windows app requires are included next to your EXE.
Usually, the biggest reason to set up an MSI file is because you want to do the following:
- Install 3rd party dependencies via MSM files. (These are like libraries for install programs.)
- Install app shortcuts to the desktop and start menu.
- You need to write to the registry to set up file associations, content URIs, etc. (This also allows your app to be a good citizen and delete your registry entries upon uninstall.)
- You want to set environment variables. (And you should delete them upon uninstall.)
- You want to make it easy for customers to “upgrade” your app. (Although they can just delete the old app folder when using self-extracting executables.)
The above is probably more necessary for business apps.
If you are interested in creating an MSI file, then the most common 3rd party tool that come to mind are InstallShield, Wise, and AdvancedInstaller. Note that you have to pay for these tools though, but they are commonly used and well supported. There are free install tools as well, but they usually don’t offer the same functionality and ease of use as the commercial tools.
Also, Microsoft has a free open source MSI generate toolset named “WiX” which Microsoft uses to create install programs for Visual Studio and Microsoft Office (and Corona switched to using it earlier this year). But this tool has a steep learning curve and requires considerable knowledge of how MSI files work. It involves configuring the install program via XML and generating the MSI via command line tools or via a Visual Studio extension. This is overkill for a simple Windows app and is probably more appropriate for installing business suites. I remember it taking me about 1 week to learn all of the ins-and-outs of it to make it install/upgrade/uninstall correctly for the Windows version of the Corona SDK, although our install program is probably a bit more complicated than what most people need.
Anyways, I can probably go on and on about this topic. In some large companies, some people hired only to set up and manage large complex install programs. Once they get to this level, you have to look at install programs as programs themselves. Meaning that they have to be designed and tested. For example, it should never crash or fail. And it should *never* *ever* screw over the Windows operating system by overwriting its system DLLs (this is actually very possible). And I usually recommend developers to purchase a Microsoft “MSDN Subscription” which provides them licenses to all of their Windows OS versions, 32-bit/64-bit versions, and different language versions which is absolutely necessary for install testing. So, yeah, install programs are a lot of work. Especially on the testing side. 
Wow, a lot more goes into MSIs than I realised, I think we’ll just stick to the self-extracting EXE
Now just to see about sorting digital certificates. Not sure if they’re needed yet however Windows does seem to enjoy throwing up warnings about installing stuff it doesn’t know about.
Signing your app with a digital certificate is not required on Windows, but highly recommended. When running your app, Windows will typically display a UAC prompt asking the end-user if it is okay to run the app from an “unknown” publisher. If I remember right, Vista is a bit more heavy handed and will display this message in red if it is not signed. But other than that, Windows gives the end-user the option to run it.
However, anti-virus software typically blocks your app from running if it is not digitally signed. They’ll typically not ask the user if it is okay to run the app and instead display a big red warning that the anti-virus software blocked something. This can turn into support issues for those Windows users that don’t understand the nuance of these things. This is the biggest motivator to get your app digitally signed.
My best advise here is if you plan on selling your app to PC users, then digitally sign your EXE. If you plan on distributing it for free, then I think signing it is optional. For example, a lot of open source free tools for Windows tend to *not* be digitally signed, because, well, digital certificates cost money. If you’re not making money from your app, then the cost of a digital certificate (which can be about $200 or more for 1 year subscription) will come out of your own pocket.
I’ve found certificates for 95$ from a Comodo reseller - http://codesigning.ksoftware.net/?gclid=CPzcvcTekcgCFUVhfgodpGcMWg - this may seem like a silly question but, do we need to get a certificate for each app or just one for all of ours?
You only need to get 1 certificate and you can sign as many apps as you want with it. As in 1 certificate per company because your company’s identity will be digitally signed to your app. And I’d personally recommend that you get a *.PFX certificate file.
Also, you might want to purchase/download the certificate via Windows and Internet Explorer to ensure you get the right type of file. I say this because I’ve seen some certificate providing companies only offer an OS X style certificate when someone tried to buy/download it via a Mac. I think some of these websites assume you’ll want to purchase a type of certificate depending on the OS you are buying it from.
We’ve purchased a single year certificate, waiting for a call to verify us.
We were hoping to release the games tomorrow however not sure if we’ll be able to if this takes much longer. We may have to delay the Windows versions for a bit unless we luck out.
Thanks for the help by the way, very much appreciated!
OK, so we have the pfx file - there was a bit of a delay because Comodo found our old office phone number for verification, so we had to get that updated to our new one but they were very good about it.
We’re now going to use the KSign tool from KSoftware ( where we bought the certificate ) which in theory allows us to sign the .exe without having to download Visual Studio etc, will see how this goes.
We’re assuming we have to sign the installer .exe rather than the actual Corona build, or possibly both?, we’ll have a play and see what happens.
You only need to digitally sign your *.exe file.
You should also timestamp it via the certificate provider’s time server. They should have provided you a URL to their time server so that you can do this. This way, your app’s certificate won’t be considered expired by the OS or anti-virus’ authenticator when your certificate’s subscription expires. Your signed *.exe will be considered to have a valid signature indefinitely.
Hmm, we signed the resulting installer .exe and that seems to have worked fine. Fingers crossed it’s ok.
We do still get a warning from Windows SmartScreen but apparently that will improve over time as it’s based on things like how often the file is downloaded by IE users ( however that also surely depends on if our game is popular enough and also, and perhaps more worryingly, that it relies on people still using IE )
Just looked into the Timestamp point and the KSign tool that we used says “All signatures are timestamped by Comodo’s timestamp server”
So hopefully we’re good to go
Sorry. I should have been a bit more clear.
You need to digital sign *all* of your EXE files. This means your Corona made exe file and your self-extracting exe file.
Also, if you later decide to create an MSI installer, you would have to digitally sign the MSI file as well.
And you can verify that your EXE file was signed correctly and with a timestamp by right clicking it, selecting Properties from the popup menu, and then going to the “Digital Signatures” tab. If the properties window does not have a “Digital Signatures” tab, then it wasn’t digitally signed.
We have now signed both the corona build exe and the resulting installer exe, and checked, the “Digital Signatures” tab is present.
We released all 5 games today, no both the Mac App Store and itch.io, so hopefully the windows installers will work fine