Forum Discussion
Can not Sign the MSIX pacakge with self-signed certificate
I used Makeappx tool to convert my appx package to the msix package and now I want to test my msix package. I created a self-signed certificate by following the steps from how to create a certificate for packaging and signing . But when I am trying to sign my package using signtool, I always get the error message:
SignTool Error: An unexpected internal error has occurred.
Error information: "Error: SignerSign() failed." (-2147024846/0x80070032)
I have double checked the publisher name and encrpted algorithm I used. I have update to the Build17713. In build 17709, I created a simple test app and packed it with msix and successfully signed and installed. Anybody has the same issue with signing the package.
11 Replies
I have the same issue.
My OS = 17728.1000
I used the MSIX package tool. I created a pfx cert with a password. The CN name matches the CN in the msix. You cannot add the cert at the end of the MSIX package tool because it does not prompt for the cert password.
When I then try to sign the appx package, I receive the same error 0x80070032.
Please help!
Hi all,
I did quite some testing with different types of certificates. What I found out is:
- the MSIX Packaging Tool has its own Version of signtool boxed (I guess to remove the SDK as prerequisite
- Certificate passwords really make it break
What my solution was (beside to query for the most updated Insider SDK) to just copy out the Inboxed Signtool and run it on the commandline:
location on my box:
"C:\Program Files\WindowsApps\Microsoft.MsixPackagingTool_1.2018.725.0_x64__8wekyb3d8bbwe\signtool.exe"
signtool.exe sign /a /v /fd SHA256 /f "C:\MyCodeSignCustom.pfx" /p "SuperSecurePassword" "C:\MSIXPackage.appx"
Kind regards
/Johannes
@Johannes
Thank you very much. This worked for me.
I used the command line to copy out the signtool.exe file, then ran my signtool command and voila, my msix package was able to be signed. I still needed to turn on "Sideload apps" from the "for Developers" page under Windows "Settings", but that makes sense since I am not installing from the Store.
Hi,
Yes, I have the same issue:
SignTool Error: An unexpected internal error has occurred.
Error information: "Error: SignerSign() failed." (-2147024846/0x80070032)
Event viewer show me this: "The reader was created successfully without manifest validation." And it is under Information Level, not Warning or Error.
Details:
MSIX create with MSIX Packaging Tool (Preview)
OS build: 17713.1000
Signtool.exe used from C:\Program Files (x86)\Windows Kits\10\bin\10.0.17134.0I have the same issue with self-signed certificate (0x80070032). The name is valid, and I can use the cert to sign an exe without issue. I am using 17134 version of signtool, and have tried both the x86 and x64 version of signtool.
Event operational log generates a single information entry (Event 181 - The reader was created successfully without manifest validation).
Enabling debug log produced single event of Event 0 (ErrorCode 15003 with EventPayload of all zeros))
TIMOTHY_MANGAN and Stephen Morgan, looks like you are using the RS4 version of signtool. Please use the latest from the insider preview SDK:
https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewSDK
Toms Knostenbergs sounds like you are using signtool to sign the package, is that correct? Can you please try to convert the package again using the MSIX Packaging Tool and add your test certificate in the last page of the wizard to have the tool sign the MSIX package? If you hit the same error please file a feedback hub problem from the error pop up so we can take a look at your logs.
- jvintzel
Microsoft
If you go to event viewer does it have anymore details?
Applications and Services Logs > Microsoft > Windows > AppxPackagingOM ? Microsoft-Windows-AppxPackaging/Operational
John.
