Configuring Manifests on Windows 8 and Later Operating Systems

Applies to TestComplete 14.71, last modified on April 22, 2021

On Windows 8 and later operating systems, your COM client application for TestComplete must have the same privilege level as TestComplete. The privilege level is specified by the uiAccess attribute in the application manifest (the AppName.exe.manifest XML file next to the application). TestComplete and your application must have the same uiAccess value (true or false) in their manifests.

Using Extended Privilege Level (uiAccess="true")

To test Windows Store applications, your COM client from which you control TestComplete must use the extended privilege level, that is, it must have uiAccess="true" in its manifest. If it is impossible, automate TestComplete in some other way, for example, by using the command line.

Requirements

Your COM client application from which you control TestComplete:

  • Must be digitally signed. (See below.)

  • Must be in the Program Files, Program Files (x86) or Windows\System32 folder.

Setting the uiAccess Attribute

Set the extended privilege level for TestComplete and your COM client application from which you will control TestComplete:

  1. Launch a text editor as Administrator.

  2. In the text editor, open the manifest file corresponding to the TestComplete version you use:

    • 32-bit version: <TestComplete>\Bin\TestComplete.exe.manifest

    • 64-bit version: <TestComplete>\x64\Bin\TestComplete.exe.manifest

  3. Find the requestExecutionLevel element and add the uiAccess="true" attribute to it:

    XML

      <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
        <security>
          <requestedPrivileges>
            <requestedExecutionLevel level="asInvoker" uiAccess="true"/>
          </requestedPrivileges>
        </security>
      </trustInfo>
  4. Save the changes.

  5. In the same way, change the manifest of your COM client application.

    Note: A manifest may be embedded into the application. This manifest takes priority over an external manifest on Windows Server 2003, Windows Vista, and later Windows versions. On Windows XP, the external manifest has higher priority. If you have trouble connecting to your application, make sure you edited the correct manifest.

Digitally Signing the COM Client

Your COM client from which you will control TestComplete must be signed. The easiest way to sign an application is to use signing utilities shipped with Visual Studio or Windows SDK:

  1. Use the MakeCert utility to create a self-signed certificate and a private key:

    MakeCert -r -n CertificateName -ss CertificateStore -sr localmachine -sv PrivateKeyFile.pvk OutputCertificateFile.cer

    Where:

    CertificateName - is the name of your certificate, it must comply with the X.500 standard and match the Publisher value in your client application’s manifest. For example, "CN=MyCompany";

    CertificateStore - is the name of your certificate store that will store the generated certificate;

    PrivateKeyFile.pvk - is the name of the file to which the utility will store the private key;

    OutputCertificateFile.cer - is the name of the file, to which the utility will store the certificate.

    The utility will ask you for a password for the private key. Specify the password if needed.

    The utility will generate a self-signed certificate and save it to the specified certificate store. It will also export the private key and the certificate information to the specified .pvk and .cer files.

  2. Add the generated certificate to the Trusted Root Certification Authorities store for a local computer. To do this, you can use the CertMgr utility:

    CertMgr /add OutputCertificateFire.cer /s /r localmachine root

  3. Use the Pvk2Pfx utility to copy the private key and the certificate information to a Personal Information Exchange file (.pfx):

    Pvk2Pfx /pvk PrivateKeyFile.pvk /spc OutputCertificateFile.cer /pfx OutoutCertificate.pfx

    The utility will generate the .pfx file with the specified name.

  4. Use the SignTool utility to sign your COM client:

    SignTool sign /f OutoutCertificate.pfx MyCOMClient.exe

To verify that your client application is signed properly, you can use the verify command of the SignTool:

SignTool verify -pa -v MyCOMClient.exe

To learn more about code signing, see the Using SignTool to Sign a File article in the MSDN Library.

Using Standard Privilege Level (uiAccess="false")

Use this approach if your COM client application does not have a manifest, or if you do not test Windows Store applications.

  1. Disable the Enable support for testing Windows Store applications option in TestComplete:

    Disabling support for Windows Store applications in TestComplete

    Click the image to enlarge it.

  2. Launch a text editor as Administrator.

  3. In the text editor, open the manifest file corresponding to the TestComplete version you use:

    • 32-bit version: <TestComplete>\Bin\TestComplete.exe.manifest

    • 64-bit version: <TestComplete>\x64\Bin\TestComplete.exe.manifest

  4. Find the requestExecutionLevel element and either delete the uiAccess attribute, or set it to false:

    XML

      <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
        <security>
          <requestedPrivileges>
            <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
          </requestedPrivileges>
        </security>
      </trustInfo>
  5. Save the changes.

  6. If your COM client application has a manifest, change it in the same way.

    Note: A manifest may be embedded into the application. This manifest takes priority over an external manifest on Windows Server 2003, Windows Vista, and later Windows versions. On Windows XP, the external manifest has higher priority. If you have trouble connecting to your application, make sure you edited the correct manifest.

See Also

Working With TestComplete via COM - Overview
Working With TestComplete via COM

Highlight search results