EDIT
Event Log Error:
error 0x8007000B: The app manifest publisher name (CN=...) must match the subject name of the signing certificate (CN={19BE29DF-4812-4F2E-8FC1-A138B146946A}).
Now the team is working. Thus, a user error on my part that I cannot identify or something awkward with the state of the machine when I saw it. This guide related to the signature certificate in the event log message is not what the certificate shows in the certificate manager snap-in, which is strange.
Original question
I am trying to sign a UWP application package that was generated using MakeAppx.exe . Pfx is a developer code signing certificate generated by these commands from https://msdn.microsoft.com/windows/uwp/porting/desktop-to-uwp-manual-conversion .
C:\> MakeCert.exe -r -h 0 -n "CN=<publisher_name>" -eku 1.3.6.1.5.5.7.3.3 -pe -sv <my.pvk> <my.cer> C:\> pvk2pfx.exe -pvk <my.pvk> -spc <my.cer> -pfx <my.pfx>
The private key is located in my trusted root certificate store and worked when I generated the application from the installer using the Desktop App Converter .
I use the following command:
signtool.exe sign -f <path to my pfx file> -fd SHA256 -v .\FishTank.appx
but SignTool raises an error:
The following certificate was selected: Issued to: ... Issued by: ... Expires: Sat Dec 31 18:59:59 2039 SHA1 hash: ... Done Adding Additional Store Error information: "Error: SignerSign() failed." (-2147024885/0x8007000b)
Certificate publisher matches what is in appmanifest.xml
<?xml version="1.0" encoding="utf-8"?> <Package xmlns="http://schemas.microsoft.com/appx/manifest/foundation/windows10" xmlns:uap="http://schemas.microsoft.com/appx/manifest/uap/windows10" xmlns:rescap="http://schemas.microsoft.com/appx/manifest/foundation/windows10/restrictedcapabilities"> <Identity Name="..." ProcessorArchitecture="x64" Publisher="CN=..." Version="1.1.0.0" /> <Properties> <DisplayName>Fish Tank</DisplayName> <PublisherDisplayName>Reserved</PublisherDisplayName> <Description>Some fish. Swimming around on your screen.</Description> <Logo>StoreLogo.png</Logo> </Properties> <Resources> <Resource Language="en-us" /> </Resources> <Dependencies> <TargetDeviceFamily Name="Windows.Desktop" MinVersion="10.0.14316.0" MaxVersionTested="10.0.14316.0" /> </Dependencies> <Capabilities> <rescap:Capability Name="runFullTrust"/> </Capabilities> <Applications> <Application Id="FishTank" Executable="FishTank.exe" EntryPoint="Windows.FullTrustApplication"> <uap:VisualElements BackgroundColor="#464646" DisplayName="Fish Tank" Square150x150Logo="Square150x150Logo.png" Square44x44Logo="Square44x44Logo.png" Description="Some fish. Swimming around on your screen." /> </Application> </Applications> </Package>
windows-store-apps signtool desktop-bridge desktop-app-converter
dkackman
source share