Device Guard v2 not working properly

Occasional Contributor

Hi,

 

I'm testing the new Device Guard v2 signing feature. I can successfully sign the packages, but unable to install them. I've downloaded and imported the device guard root cert to all imaginable certificate stores without any luck following this article - https://docs.microsoft.com/en-us/windows/msix/package/signing-package-device-guard-signing

 

Windows 10 20H2.

4 Replies

Hi @xenappblog 

 

To obtain the root certificate of Device Guard Signing version 2: 

1. use the NuGet package: NuGet Gallery | Microsoft.Acs.Dgss.Client 1.0.4 

2. use the “Get-RootCertificate” command to obtain the root certificate

 

If you are still having issues please let us know. We will update our documentation accordingly. 

 

Thank you, 

 

Dian 

No lucky, please advice

Hi @xenappblog 

 

Please go the downloaded package folder and use the “Get-RootCertificate” command as follows in the Read me. 

 

 

 

 

 

 

 

@Dian Hartono 
Im having similar issues
ive managed to get the Microsoft.Acs.Dgss.Client module imported and running.

i have followed the instructions listed here: Register your app in the Azure Portal to configure the app registration

 

when i run "Get-RootCertificate -OutFile C:\Temp\rootcert.cer -appid <App Client GUID>"

after signing in, i get an error stating that the reply URL is wrong, but that URL is not listed in the app registration documentation