First published on MSDN on Aug 07, 2017
If you are working on a desktop application that you want to release on the Windows Store by packaging it with the Desktop Bridge, you’ll know that one of the requirements is that your application should work fine also on Windows 10 S, the new Windows edition that was introduced on 2nd May 2017. We have already discussed on this blog how you can test if your application is compliant in the following article: Porting and testing your classic desktop applications on Windows 10 S with the Desktop Bridge -
Nevertheless, a few word about the two modes:
enforces the Code Integrity checks for logging purpose only. That is to say that instead of raising exceptions (and crashes for you application) when
unsupported Windows 10 S operations
are performed, every failure is written in the Event Log: Application and Services Logs –> Microsoft –> Windows –> CodeIntegrity
Production mode with the AppxTestRootAgency Store certificate
exactly behaves like a real Windows 10 S box. The only difference is that this mode allows us to install apps signed with the AppxTestRootAgency provided by the Store team (
direct link download
However, you’ll know that the test phase, especially with the second mode, isn’t so easy to achieve, because you need to create a specific version of your package for this purpose (since the application needs to be signed with a special certificate, which means that also the publisher declared in the manifest must be changed). As such, let’s introduce some tools that will make your tests faster and easier!
For testing purpose, if you want to install an Appx package, you can double click on the Appx or use the
AddAppxPackage Powershell command
(even if, for the final round of testing, always make sure to use a real app package,
as explained in the following blog post
). This will work only if the Appx is signed using a trusted certificate. Usually when developing apps, the certificate is self-signed and it is not trusted on other computers. Of course, we can install it in the "Trusted People" store but it can be really time consuming for testers or IT departments if the number of apps and computers is big (Besides the fact that you have to ask the developer to send you the certificate).
tool allows you to install any Appx for testing purpose on a Windows 10 computer in Developer mode without worrying about the certificate used for signing the app.
The only one certificate you will have to install on the Windows 10 test box is the AppxTestRootAgency certificate.
Here are what this tool does for you under the hood:
It creates a new unique folder for extracting the Appx files
It gets the content of the AppxManifest.xml in this folder. It modifies the Publisher identity to use the one provided by the AppxTestRootAgency certificate. It is: “CN=Appx Test Root Agency Ex”. Lastly, it saves the modified manifest
It recreates the Appx file from the folder (with the modified AppxManifest.xml)
It signs the Appx file with the AppxTestRootAgency certificate provided by the Store team
Let’s imagine the following scenario: you have used the previous MakeAPPXForWin10S.cmd script, then you have installed and tested the app and you have discovered that you are missing a content file or that the app failed the WACK because of bad images’ size for example. As such, to continue the testing phase, you must modify the files within the extracted Appx folder, recreate the package, sign it again, etc. Very time consuming, as you can imagine! Here is when the
comes into the place! The tool takes the extracted app package (which, in the meantime, you have manually modified) and creates the signed Appx file out from it.
Recreates the Appx file with the content of the DesktopBridge folder already extracted by the MakeAPPXForWin10S.Cmd
Signs the Appx file with the AppxTestRootAgency provided by the Store team