Forum Discussion
How to properly escape a comma in makeappx.exe package process?
When trying to package up a UWP application, we have our signing certificate specified in the Publisher section of the manifest. Unfortunately, our CN and Organization both have commas in the value.
Example:
<Identity Name="PKProtectExplorerIntegration" Publisher="CN=MSFT, INC, O=MSFT, INC, C=US" Version="1.0.0.0" />
When we try to run makeappx.exe pack /d Test /p Test.msix /nv
We see this error in the output because of the commas:
Output:
MakeAppx : error: Error info: error C00CE169: App manifest validation error: The app manifest must be valid as per schema: Line 14, Column 49, Reason: 'CN=MSFT, INC, O=MSFT, INC, C=US' violates pattern constraint of '(CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID.(0|[1-9][0-9])(.(0|[1-9][0-9]))+))=(([^,+="<>#;])+|".")(, ((CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID.(0|[1-9][0-9])(.(0|[1-9][0-9]))+))=(([^,+="<>#;])+|".")))*'.
The attribute 'Publisher' with value 'CN=MSFT, INC, O=MSFT, INC, C=US' failed to parse.
How do we properly escape a comma in the Publisher string?
- harshada2019Microsoft
hijackd5O
I think ,(comma) is not supported to be a part of the publisher name.This article specifies how publisher attribute should look like.It has to align with this regex:(CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|(OID\.(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*))+))=(([^,+="<>#;])+|".*")(, ((CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|(OID\.(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*))+))=(([^,+="<>#;])+|".*")))*"[^,+="<>#;] = any symbols like , + = etc are now supported. - ChaconMicrosoft
I believe you can include the comma by quoting the field. So it would be 'CN="MSFT, INC", O="MSFT, INC", C=US'. To include those inner quotes in the manifest XML, you would need to escape them as " so it would ultimately look like Publisher="CN="MSFT, INC", O="MSFT, INC", C=US".
Note that the regex says you cannot use special characters, unless you quote them:
([^ ,+="<>#;]+|".*")
means that you can write something without any of those characters, or you can surround the full thing with quotes.- I had this issue. See https://techcommunity.microsoft.com/t5/msix/msix-packageing-tool-signtool-certificate-issues/m-p/224217#M69 for a resolution.