Forum Discussion
Signing MSIX packages with Azure Trusted Signing Accounts
Have since identified that Trusted Signing Installer .msi doesn't install the correct configuration of dlib and compatible sign tool.
Installing the latest sign tool 10.0.26610.3328 and dlib 1.0.68.0 using nuget packages overcomes the issue.
Microsoft are updating documentation to reflect this, including ensuring that explicit paths to each component is set and calling signtool from the folder it resides in.
& .\signtool.exe sign /v /debug /fd SHA256 /tr "http://timestamp.acs.microsoft.com" /td SHA256 /dlib "<Path to Trusted Signing dlib bin folder>\x64\Azure.CodeSigning.Dlib.dll" /dmdf "<Path to metadata file>\metadata.json" <File to sign>
Hi GrahamGB
You're hitting a format issue when trying to sign MSIX packages. Even though MSIX packages should be supported by Azure Trusted Signing Accounts, it’s possible the issue is related to the publisher details or the way the signing process is being triggered. You mentioned that you've matched the publisher details, but if you're using a specific publisher display name in the app, that might be causing a mismatch. Make sure that the publisher details in your MSIX package exactly match the trusted signing profile. Another option is that you can try using the Microsoft Packaging Tool to repackage the MSIX, ensuring that the publisher is set correctly throughout.
Hope it helps!
Thanks luchete ,I'll review the display name again. Does that mean you've had success with this approach using trusted signing accounts?