Jul 04 2022 08:06 AM
Hi there,
I'm used to code sign our exe (built with Visual Studio and packed with Innosetup) without problem:
signtool.exe sign /n "oursoft" .\oursoft.exe
Done Adding Additional Store
Successfully signed: .\oursoft.exe
or also
signtool.exe sign /tr http://timestamp.comodoca.com /td sha256 /fd sha256 /a .\oursoft.exe
Done Adding Additional Store
If instead I produce a MSIX install, with the same commands, it dooesn't work anymore:
signtool.exe sign /n "oursoft" .\oursoft.msix
Error information: "Error: SignerSign() failed." (-2146889723/0x80091005)
or
signtool.exe sign /tr http://timestamp.comodoca.com /td sha256 /fd sha256 /a .\oursoft.msix
Done Adding Additional Store
SignTool Error: An unexpected internal error has occurred.
Error information: "Error: SignerSign() failed." (-2147024885/0x8007000b)
I can't fix that thus I can't put our application on the Microsoft store :(
Does someone have any idea of what is the origin of this problem?
Thank you for your help,
Pascal
Aug 08 2022 12:55 AM
@pbertolino sorry for the delay in reverting on this question. Publishing an app on the Store should not need signing, your app will be signed with a trusted certificate for you. This allows the user to install and run your app without installing the associated app signing certificate. If you need the app signed for testing/internal publishing, you may want to try the following :
1. check if the publisher name in the manifest and the one you are trying to use to sign match
2. try using signtool.exe that comes with the SDK, to isolate the issue:
https://developer.microsoft.com/en-us/windows/downloads/sdk-archive/
3. please submit a feedback hub request with the issue detail.
4. Are you able to sign while packaging using "Create App Package" wizard?
Please update this thread with your findings. thank you.
Mar 20 2023 08:26 AM
I've been running into a similar issue in Visual Studio 2022 17.5.2 when using "Create App Packages..."
It will sign the .msix file if you provide a valid code signing certificate, but will not timestamp the file when provided with a timestamp URL.
The file is correctly timestamped if you use signtool.exe with the /tr option.
In both instances I used:
- A code signing certificate from the local store issued by Sectigo
- The timestamp url http://timestamp.sectigo.com/