Post a reply to the thread: Signing AppX files
Click here to log in
What's the name of our main installation product (in uppercase letters), directly followed by the current year?
You may choose an icon for your message from this list
Will turn www.example.com into [URL]http://www.example.com[/URL].
Re: Signing AppX files Hello Friedrich, Well I tried that, using the signtool directly, C:\Users\Maarten>C:\Users\Maarten\Dropbox\StakePoi nt\CodeSigning\Digicert\SignTool sign /fd SHA256 /a /f C:\Users\Maarten\Dropbox\StakePoint\CodeSigning\Di gicert\sasustakepointcodesign.pfx /p mypassword C:\Users\Maarten\Dropbox\StakePoint\DesktopAppConv erter\stakepoint\StakePoint\StakePoint.appx Done Adding Additional Store SignTool Error: An unexpected internal error has occurred. Error information: "Error: SignerSign() failed." (-2147024885/0x8007000b) Now the error returned is documented and normally occurs when the company name is not identical to the one in the certificte https://msdn.microsoft.com/en-us/lib...(v=vs.85).aspx My AppX command is as follows: C:\Users\Maarten\Dropbox\StakePoint\DesktopAppConv erter\DesktopAppConverter.ps1 -Installer C:\Users\Maarten\Dropbox\StakePoint\DesktopAppConv erter\StakePoint_Setup.exe -InstallerArguments "/S" -Destination C:\Users\Maarten\Dropbox\StakePoint\DesktopAppConv erter\stakepoint -PackageName "StakePoint" -Publisher "CN=SASU STAKE POINT, C=FR" -Version 16.8.4.0 -MakeAppx -Verbose And the certificate I use gives: CN = SASU STAKE POINT O = SASU STAKE POINT L = Hyeres S = Provence-Alpes-Cote d'Azur C = FR The Signature hash algorithm is sha256, If I specify the -Publisher with "CN=SASU STAKE POINT, O = SASU STAKE POINT, C=FR" with more location parameters the conversion fails, so I don't see where things go wrong ? Are the internal files signed with sha1 ? By the way super cool if we can create these AppX files directly from SetupBuilder Regards,
Re: Signing AppX files
Re: Signing AppX files Maarten, SHA-1 isn't valid for signing app packages (because it is not supported any longer). Try to use SHA-2. BTW, we'll post more AppX information next month (in September). Support for AppX is in the works. Friedrich
Signing AppX files Hi, I just managed to convert my setup builder installer into a Windows Store compatible AppX package. I use a Digicert code sign certificate (a Windows Store requirement) which works fine on my normal installer builds. In order to sign the AppX file I thought the simplest way would be to make a small setupbuilder project with the following line: #code-sign application "E:\Dropbox\StakePoint\DesktopAppConverter\stakepo int\StakePoint\StakePoint.appx" ["StakePoint"]" ["e:\Dropbox\StakePoint\CodeSigning\Digicert\sasust akepointcodesign.pfx"] This however gives me the following error code: stakepoint sign appx.sbp Init Standard Variables... Performing pre-checks... OK Timestamp server(s)... SHA-1: http://timestamp.digicert.com/authenticode SHA-2: http://timestamp.digicert.com/authenticode Type : 0 Script format version detected: 7.0.2600 Recursive compile (0:29): Common Definitions.sbi #pragma loaded: MINVER Finished Continue (0:1:30): E:\Dropbox\StakePoint\SetupBuilder Projects\StakePoint Sign AppX.sbp Adding Digital Certificate (Preprocessor)... SIGNTOOL: E:\Dropbox\StakePoint\DesktopAppConverter\stakepoi nt\StakePoint\StakePoint.appx SVER: 10.0.10586.212 SHA1: 1 Compiler error GEN1053: Code signing process failed. Error Code: 1 Script(s) processed --------------------------------------- Done --------------------------------------- StakePoint Sign AppX.sbp - 1 error(s), 0 warning(s), 0 file(s) code-signed Regards, Maarten MOSTERT
Signing AppX files
Forum Rules
