REG Azure Device Guard Signing

%3CLINGO-SUB%20id%3D%22lingo-sub-1352084%22%20slang%3D%22en-US%22%3EREG%20Azure%20Device%20Guard%20Signing%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1352084%22%20slang%3D%22en-US%22%3E%3CP%3EAs%20the%20article%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fmsix%2Fpackage%2Fsigning-package-device-guard-signing%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fmsix%2Fpackage%2Fsigning-package-device-guard-signing%3C%2FA%3E%3C%2FP%3E%0A%3CP%3EWas%20able%20to%20create%20AAD%20json%20file%20and%20trying%20to%20sign%20a%20MSIX%20app%20using%20AAD%20access%20token.%20Is%20this%20format%20correct%3A%26nbsp%3B%3C%2FP%3E%0A%3CP%3E.%5Csigntool.exe%20sign%20%2Ffd%20sha256%20%2Fdlib%20DgssLib.dll%20%2Fdmdf%20C%3A%5Ctemp%5Coutfile.json%20C%3A%5Ctemp%5CTest1_1.0.0.0_x64__h91ms92gdsmmt.msix%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3BGetting%20this%20error%3A%3C%2FP%3E%0A%3CP%3ENumber%20of%20errors%3A%201%3C%2FP%3E%0A%3CP%3E.%5Csigntool.exe%20%3A%20SignTool%20Error%3A%20This%20file%20format%20cannot%20be%20signed%20because%20it%20is%20not%20recognized.%3CBR%20%2F%3EAt%20line%3A1%20char%3A1%3CBR%20%2F%3E%2B%20.%5Csigntool.exe%20sign%20%2Ffd%20sha256%20%2Fdlib%20DgssLib.dll%20%2Fdmdf%20C%3A%5Ctemp%5Coutfil%20...%3CBR%20%2F%3E%2B%20~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~%3CBR%20%2F%3E%2B%20CategoryInfo%20%3A%20NotSpecified%3A%20(SignTool%20Error%3A...not%20recognized.%3AString)%20%5B%5D%2C%20RemoteException%3CBR%20%2F%3E%2B%20FullyQualifiedErrorId%20%3A%20NativeCommandError%3CBR%20%2F%3E%3CBR%20%2F%3ESignTool%20Error%3A%20An%20error%20occurred%20while%20attempting%20to%20sign%3A%20C%3A%5Ctemp%5CTest1_1.0.0.0_x64__h91ms92gdsmmt.msix%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Microsoft

As the article https://docs.microsoft.com/en-us/windows/msix/package/signing-package-device-guard-signing

Was able to create AAD json file and trying to sign a MSIX app using AAD access token. Is this format correct: 

.\signtool.exe sign /fd sha256 /dlib DgssLib.dll /dmdf C:\temp\outfile.json C:\temp\Test1_1.0.0.0_x64__h91ms92gdsmmt.msix

 

 Getting this error:

Number of errors: 1

.\signtool.exe : SignTool Error: This file format cannot be signed because it is not recognized.
At line:1 char:1
+ .\signtool.exe sign /fd sha256 /dlib DgssLib.dll /dmdf C:\temp\outfil ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (SignTool Error:...not recognized.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError

SignTool Error: An error occurred while attempting to sign: C:\temp\Test1_1.0.0.0_x64__h91ms92gdsmmt.msix

 

0 Replies