MSIX signing the package with an existin code signing tool?

%3CLINGO-SUB%20id%3D%22lingo-sub-287537%22%20slang%3D%22en-US%22%3EMSIX%20signing%20the%20package%20with%20an%20existin%20code%20signing%20tool%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-287537%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%20can%20we%20create%20a%20MSIX%20package%20with%20the%20packaging%20tool%2C%20skipping%20the%20fields%20for%26nbsp%3B%20certificate%20and%20then%20sign%20the%20MSIX%20file%20with%20an%20exiting%20code%20signing%20solution%20afterwards%3F%20Many%20companies%20have%20codesigning%20solutions%20for%20existing%20Powershell%20script%20etc%2C%20and%20hopefully%20that%20can%20be%20used%20to%20also%20sign%20MSIX%20files%3F%26nbsp%3B%3CBR%20%2F%3E%3CBR%20%2F%3EOr%20do%20we%20have%20to%20have%20the%20exact%20certificate%20info%20and%20a%20PFX%20file%20to%20be%20able%20to%20sign%20a%20MSIX%20package%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-287922%22%20slang%3D%22en-US%22%3ERe%3A%20MSIX%20signing%20the%20package%20with%20an%20existin%20code%20signing%20tool%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-287922%22%20slang%3D%22en-US%22%3E%3CP%3EYou%20can%20skip%20the%20certificate%20and%20sign%20outside%20the%20MSIX%20Packaging%20Tool%20with%20any%20code%20signing%20certificate.%26nbsp%3B%20When%20packaging%20the%20app%2C%20you%20need%20to%20make%20sure%20the%20publisher%20field%20maps%20to%20the%20certificate%20you%20will%20be%20signing%20with.%26nbsp%3B%20You%20can%20get%20this%20information%20from%20the%20Subject%20Name%20of%20the%20public%20certificate%20(.cer%20file).%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20are%20hoping%20to%20release%20a%20community%20toolkit%20early%20next%20year%20that%20will%20help%20with%20automating%20some%20of%20these%20resigning%20scenarios.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EJohn.%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi, can we create a MSIX package with the packaging tool, skipping the fields for  certificate and then sign the MSIX file with an exiting code signing solution afterwards? Many companies have codesigning solutions for existing Powershell script etc, and hopefully that can be used to also sign MSIX files? 

Or do we have to have the exact certificate info and a PFX file to be able to sign a MSIX package?

1 Reply

You can skip the certificate and sign outside the MSIX Packaging Tool with any code signing certificate.  When packaging the app, you need to make sure the publisher field maps to the certificate you will be signing with.  You can get this information from the Subject Name of the public certificate (.cer file).

 

We are hoping to release a community toolkit early next year that will help with automating some of these resigning scenarios.

 

John.