Skip to main content
The top-level win key contains set of options instructing electron-builder on how it should build Windows targets. These options are applicable for any Windows target.

Common Questions

How to delegate code signing?

Use the sign option. Please also see why sign.js is called 8 times. 
"win": {
  "signtoolOptions": {
    "sign": "./customSign.js"
  }
}
File customSign.js in the project root directory: 
exports.default = async function(configuration) {
  // your custom code
}

How to use a custom verify function to enable NSIS signature verification alternatives?

Use the verifyUpdateCodeSignature interface: 
/**
 *  return null if verify signature succeed
 *  return error message if verify signature failed
 */
export type verifyUpdateCodeSignature = (publisherName: string[], path: string) => Promise<string | null>
Pass a custom verify function to the NSIS updater. For example, if you want to use a native verify function, you can use win-verify-signature. 
import { NsisUpdater } from "electron-updater"
import { verifySignatureByPublishName } from "win-verify-signature"

export default class AppUpdater {
  constructor() {
    const options = {
      requestHeaders: {
        // Any request headers to include here
      },
      provider: 'generic',
      url: 'https://example.com/auto-updates'
    }

    const autoUpdater = new NsisUpdater(options)
    autoUpdater.verifyUpdateCodeSignature = (publisherName: string[], path: string) => {
      const result = verifySignatureByPublishName(path, publisherName);
      if(result.signed) return Promise.resolve(null);
      return Promise.resolve(result.message);
    }
    autoUpdater.addAuthHeader(`Bearer ${token}`)
    autoUpdater.checkForUpdatesAndNotify()
  }
}

How to create Parallels Windows 10 Virtual Machine?

If you use Parallels, you must not use “Share Mac user folders with Windows” feature and must not run installers from such folders.
You don’t need to have Windows 10 license. Free is provided (expire after 90 days, but it is not a problem because no additional setup is required).
  1. Open Parallels Desktop.
  2. File → New.
  3. Select “Modern.IE” in the “Free Systems”.
  4. Continue, Continue, Accept software license agreement.
  5. Select “Microsoft Edge on Windows 10”.
  6. The next steps are general, see Installing Windows on your Mac using Parallels Desktop from “Step 6: Specify a name and location”.
Parallels Windows 10 VM will be used automatically to build AppX on macOS. No need even start VM — it will be started automatically on demand and suspended after build. No need to specify VM — it will be detected automatically (first Windows 10 VM will be used).

How to create VirtualBox Windows 10 Virtual Machine?

If you are not on macOS or don’t want to buy Parallels Desktop, you can use free VirtualBox.
  1. Open Download virtual machines.
  2. Select “MSEdge on Win10 (x64) Stable”.
  3. Select “VirtualBox” platform.
  4. Download. See installation instructions.
The password to your VM is Passw0rd!. VirtualBox is not supported by electron-builder for now, so, you need to setup build environment on Windows if you want to use VirtualBox to build AppX (and other Windows-only tasks).

Configuration

target
string | TargetConfiguration
default:"nsis"
The target package type: list of nsis, nsis-web (Web installer), portable (portable app without installation), appx, msi, msi-wrapped, squirrel, 7z, zip, tar.xz, tar.lz, tar.gz, tar.bz2, dir.AppX package can be built only on Windows 10.To use Squirrel.Windows please install electron-builder-squirrel-windows dependency.
icon
string
default:"build/icon.ico"
The path to application icon.
legalTrademarks
string
The trademarks and registered trademarks.
signtoolOptions
WindowsSigntoolConfiguration
Options for usage with signtool.exe. Cannot be used in conjunction with azureSignOptions, signing will default to Azure Trusted Signing.
azureSignOptions
WindowsAzureSigningConfiguration
Options for usage of Azure Trusted Signing service. Cannot be used in conjunction with signtoolOptions, signing will default to Azure Trusted Signing.
verifyUpdateCodeSignature
boolean
default:"true"
Whether to verify the signature of an available update before installation. The publisher name will be used for the signature verification.
requestedExecutionLevel
'asInvoker' | 'highestAvailable' | 'requireAdministrator'
default:"asInvoker"
The security level at which the application requests to be executed. Cannot be specified per target, allowed only in the win.
signAndEditExecutable
boolean
default:"true"
Whether to sign and add metadata to executable. Metadata includes information about the app name/description/version, publisher, copyright, etc. This property also is responsible for adding the app icon and setting execution level. (Advanced option leveraging rcedit)
signExts
string[]
Explicit file name/extensions (str.endsWith) to also sign. Advanced option. Supports negative patterns, e.g. example that excludes .appx files: ["somefilename", ".dll", "!.appx"].

Inherited Properties

The following properties are inherited from Common Configuration:
  • artifactName
  • publish
  • files
  • extraResources
  • extraFiles
  • asarUnpack
  • fileAssociations
  • protocols

Build docs developers (and LLMs) love

Get started for freeTalk to us