locked
How to trust certificate for Windows 8 / Metro Style apps when sideloading

    Question

  • Hi,

    I was sent a .appxupload file which I extracted the .appx file from.  I noticed that the .appx file did not contain the powershell script called Add-AppDevPackage.ps1 which likely would have made this easy.  So I went to powershell and tried to run Add-AppxPackage, however the problem that I am getting is and error about the root certificate which is not trusted by the trust provider.

    PS C:\> Add-AppxPackage C:\MyAppx_AnyCPU.appx

    Add-AppxPackage : Deployment failed with HRESULT: 0x800B0109, A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. (Exception from HRESULT: 0x800B0109) error 0x800B0109: The root certificate of the signature in the app package must be trusted. NOTE: For additional information, look for [ActivityId] 0f358a25-854d-0006-caa9-350f4d85cd01 in the Event Log or use the command line Get-AppxLog -ActivityID 0f358a25-854d-0006-caa9-350f4d85cd01

    At line:1 char:1

    + Add-AppxPackage C:\MyAppx_AnyCPU.appx

    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        + CategoryInfo          : NotSpecified: (C:\MyAppx_AnyCPU.appx:String) [Add-AppxPackage], Exception

        + FullyQualifiedErrorId : DeploymentError,Microsoft.Windows.Appx.PackageManager.Commands.AddAppxPackageCommand

    Ask: How do I determine the certificate that needs to be added to Trusted People > Certificates or Trusted Root Certification Authorities > Certificates?

    Cheers!

    Thursday, August 30, 2012 6:04 PM

Answers

  • The person who sent you the .appxupload file should have also sent you the certificate that was used to sign the package. Ask that person to share the entire package output folder to you. The folder should include the .cert file as well as the .ps1 file. See this link for more info: http://msdn.microsoft.com/en-us/library/windows/apps/hh975356.aspx

    • Proposed as answer by SDTJ Wednesday, November 14, 2012 5:46 PM
    • Marked as answer by The Chicago Way Thursday, February 28, 2013 3:44 AM
    Monday, September 17, 2012 10:26 PM

All replies

  • The person who sent you the .appxupload file should have also sent you the certificate that was used to sign the package. Ask that person to share the entire package output folder to you. The folder should include the .cert file as well as the .ps1 file. See this link for more info: http://msdn.microsoft.com/en-us/library/windows/apps/hh975356.aspx

    • Proposed as answer by SDTJ Wednesday, November 14, 2012 5:46 PM
    • Marked as answer by The Chicago Way Thursday, February 28, 2013 3:44 AM
    Monday, September 17, 2012 10:26 PM
  • How do I determine the certificate that needs to be added to Trusted Root CA? Once I find it, where should I add to - personal cert store or machine cert store?
    Saturday, September 22, 2012 7:06 PM