How to check that a file is dual code signed

In Visual Installer 2015 we added a new function that makes it possible to dual code sign setup files. You can read about the new function in the following blog post:

> Visual Installer now supports SHA-2 and dual code signing

Before you distribute your installation package it can be a good idea to check that the dual sign process succeeded. You can do it easily by following the steps below:

1. Create your setup package from Visual Installer.
2. Locate the setup package file via Windows Explorer.
3. Right-click on the file.
4. Choose the Properties menu item in the local menu that is opened.
5. Open the Digital Signatures tab.

If the file has been successfully dual signed, there should be two rows in the signature list:

Windows Properties window

The digest algorithms should be sha1 and sha256, as shown in the picture above. If there is only one row in the signature list, the dual code sign process failed or you have not set Visual Installer to dual code sign setup packages. Read this tip to get more information about how to change code sign settings in Visual Installer.

See also
> What is SHA-1 and SHA-2 and what’s the difference between them?
> How to code sign a setup package (Visual Installer tip)