The file '<file>' was not signed
Signing functionality, available in Visual Studio 2003 and earlier versions, has been removed from setup and deployment projects (Setup projects, Web Setup projects, CAB projects, and Merge Modules). If you have imported a Visual Studio 2003 project with signing enabled into Visual Studio 2005, or if you want to enable signing for your deployment project, you need to sign the files in the build output with Signtool.exe, the assembly signing tool in the Windows Platform SDK, in a post-build event. For more information, see Sign Tool (SignTool.exe).
In the simple case, there are no loose files, only the bootstrapping application (setup.exe) and/or the package file that the build outputs (the Windows Installer package, .cab file, or merge module). In this case, you would invoke Signtool.exe in the post-build event dialog box.
In the advanced scenario, the files that make up the deployment may be loose, which means that there are more files in the build output than just the bootstrapping application and Windows Installer package. Often you want these extra loose files to be signed and have the Windows Installer package updated with the hash code of each signed component. This must be done in a post-build event that runs a script to do the following:
Iterate through the set of loose files and CAB files in the build output path and sign them with Signtool.exe.
In the Windows Installer package, update the hash code for each file you have signed.
Sign the bootstrapping application and sign the Windows Installer package using Signtool.exe.
To correct this error in the simple case
Invoke Signtool.exe in the post-build event dialog box.
<SDK Install dir>Signtool sign –f "filename.pfx" –p "password" $(BuiltOuputPath)\Setup2.msi
<SDK Install dir>Signtool sign –f "filename.pfx" –p "password" $(BuiltOuputPath)\setup.exe
If your certificate is stored in .pvk and .spc files, you can use the Windows Platform SDK tool pvk2pfx.exe to convert the format of these files to .pfx.