Forum Discussion
Can not Sign the MSIX pacakge with self-signed certificate
I have the same issue.
My OS = 17728.1000
I used the MSIX package tool. I created a pfx cert with a password. The CN name matches the CN in the msix. You cannot add the cert at the end of the MSIX package tool because it does not prompt for the cert password.
When I then try to sign the appx package, I receive the same error 0x80070032.
Please help!
- Johannes FreundorferAug 07, 2018Copper Contributor
Hi all,
I did quite some testing with different types of certificates. What I found out is:
- the MSIX Packaging Tool has its own Version of signtool boxed (I guess to remove the SDK as prerequisite
- Certificate passwords really make it break
What my solution was (beside to query for the most updated Insider SDK) to just copy out the Inboxed Signtool and run it on the commandline:
location on my box:
"C:\Program Files\WindowsApps\Microsoft.MsixPackagingTool_1.2018.725.0_x64__8wekyb3d8bbwe\signtool.exe"
signtool.exe sign /a /v /fd SHA256 /f "C:\MyCodeSignCustom.pfx" /p "SuperSecurePassword" "C:\MSIXPackage.appx"
Kind regards
/Johannes
- Stephen MorganAug 08, 2018Copper Contributor
@Johannes
Thank you very much. This worked for me.
I used the command line to copy out the signtool.exe file, then ran my signtool command and voila, my msix package was able to be signed. I still needed to turn on "Sideload apps" from the "for Developers" page under Windows "Settings", but that makes sense since I am not installing from the Store.
- Aug 07, 2018Johanes - Thanks for that. I was assuming from the "documentation" that I needed the SDK copy of signtool and never looked inside the packaging tool for a copy.
This isn't the best way to go about this, but at least I can finally test!- Johannes FreundorferAug 09, 2018Copper Contributor
Hi Timothy,
exactly this is what my solution should provide - final (production) solution of course should be something within the Tool. But for now - it let MSIX rock on my box.
Enjoy