cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Need some clarity in how offical vendor should sign their applications

JohnInge
Copper Contributor

‎Oct 16 2019 01:57 AM

‎Oct 16 2019 01:57 AM

Need some clarity in how offical vendor should sign their applications

Hi, we are starting to get applications delivered from our vendors as MSIX packages. Then certificates they are signed with play a role I guess. 

 

How will this work? Which certificates should be used, to avoid end customers to have to add lots of certificates?

679 Views
0 Likes
1 Reply
Reply
1 Reply
John Vintzel

‎Oct 17 2019 08:29 AM

‎Oct 17 2019 08:29 AM

Re: Need some clarity in how offical vendor should sign their applications

@JohnInge 

 

Here is a list of trusted certificates that are included in Windows:  https://docs.microsoft.com/en-us/security/trusted-root/participants-list

 

If you (or a vendor) are repackaging they can use any one of these authorities without needing to add new root certificates.   If the apps are being repackaged you can also leverage a root from your Azure AD tenant.  More details here: https://docs.microsoft.com/en-us/windows/msix/package/signing-package-device-guard-signing

 

Using Azure AD tenant does require the 20H1 insider SDK.

 

John

0 Likes
Reply