Forum Discussion
Feedback regarding Certificate store and MSIX package installation.
Since all MSIX packages are installed on a per-user basis, why can't the certificate be installed into the user store?
Sure, we can learn to install them into the system store, but it seems wrong. AppInstaller should support both locations.
1 Reply
TIMOTHY_MANGAN The goal is not not allow random trust to be added and mitigate untrusted apps being installed on the device. To add new roots of trust the user needs be administrator. There is a significant amount of trusted Certificate Authorities already present in Windows, most untrusted certs are either self signed (which is almost like unsigned since there is no root verification) or enterprise roots. Most enterprises tend to manage the cert deployment via tools or image management.
John Vintzel (@jvintzel)
PM Lead, MSIX
