Changes between Version 62 and Version 63 of BuildingOnWindows


Ignore:
Timestamp:
03/16/11 11:41:48 (13 years ago)
Author:
Samuli Seppänen
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • BuildingOnWindows

    v62 v63  
    183183  * Place the signed TAP drivers and corresponding ''tapinstall.exe'' to ''<openvpn-sources>\dist\i386'' and ''<openvpn-sources>\dist\amd64'', respectively. Put 32-bit files to the ''i386'' directory and 64-bit files to the ''amd64'' directory.
    184184 * [http://msdn.microsoft.com/en-us/library/ms235591%28v=vs.80%29.aspx Embed manifest files manually] to ''openvpn.exe'', ''openvpnserv.exe'', ''lzo2.dll'' and ''libpkcs11-helper-1.dll''. The purpose of the manifest file (whether embedded or not) is to declare the run-time dependencies of the EXE/DLL. This step is required because the NSI script is not configured to install external manifest files and a manifest file is needed for proper operation.
     185
     186All of this has been automated in OpenVPN 2.2-RC2 and later. In case you want to test new TAP-driver versions on Windows Vista/7 64-bit you need to self-sign them and jump through several hoops. For details, look [#TAP-driver_signing here].
    185187
    186188OpenVPN installer is driven by the ''<openvpn-sources>\win\openvpn.nsi'' NSI script, which has to be loaded with the [http://nsis.sourceforge.net/Main_Page MakeNSIS] application to generate an installer. If the ''<openvpn-sources>\dist'' directory has been properly set up, you should not encounter any errors. However, if ''MakeNSIS'' complains about missing files, make sure the ''<openvpn-sources>\dist'' directory contains all of the packaging dependencies:
     
    216218
    217219If you wish to use Windows for OpenVPN development integrating Git with Visual Studio (2008) may make sense.
    218  
     220
     221= TAP-driver signing =
     222
     223The 64-bit versions of Windows Vista/7 (and later) only allow installing drivers with certificates that have Microsoft as CA. Or, in other words, drivers verified by Microsoft. Installation of unsigned nor unauthorized device drivers is not allowed by default. This is very problematic when testing the TAP-driver, as signing it after every small change makes no sense. Fortunately it ''is'' possible to self-sign the TAP-driver and configure Windows to accept self-signed (unauthorized) drivers. As the steps involved are not trivial, they are described here.
     224
    219225= Troubleshooting =
    220226