Creating a sample: what certificate to use?

Question

I want to put up a sample that I created (zipped solution on my website).

I am using Visual Studio RC, C++, Direct2d XAML template.

When I create my solution it adds a temporary key: Direct2DApp1_TemporaryKey.pfx to the project. If I go to Package.appxmanifest I see that I have a key (CN=admin) and that expires in one year.

When I put the sample up for public download I will:
-delete the debug folder
-delete the ipch folder
-delete the .sdf

Should I just leave that key (Direct2DApp1_TemporaryKey.pfx) there? I assume if it expires a user could just generate  a new key for themselves using the Package.appxmanifest, Package  -- but if it is OK to send my temp key then that would be easier for the user. Is this the correct way to put up a solution for public download? Is there any specifics that I need to do that I did not mention above?

Also...
I noticed in the SDK samples that they don't have a x.pfx file yet they build OK and in Package.appxmanifest, Package I see CN=Microsoft Corporation. I am not sure how these work together so if you could provide some info on the certificate and how the .prx file works with this that would be appreciated.

Thank you!

Answer 1

Hello,

You should signed a certificate authority  in your metro application when you try to publish it. You can follow this document
http://blogs.msdn.com/b/windowsstore/archive/2012/04/25/deploying-metro-style-apps-to-businesses.aspx

And this how to signing a package.
http://msdn.microsoft.com/en-us/library/windows/apps/br230260(v=vs.110)

Best regards,
Jesse

---

Jesse Jiang [MSFT]
MSDN Community Support | Feedback to us

Answer 2

Hi --

Thanks for the above. Since I want to zip the entire solution and put that up as a sample for others to load into Visual Studio and build and modify themselves I am thinking I will do the following:

1. Open Package.appxmanifest (brings up the manifest designer in Visual Studio)
2. Go to the Packaging tab
3. Choose Certificate, Configure Certificate, Create Test Certificate

So is this Test Certificate OK? -- then the user of the sample can just rebuild the sample with that cert or if they wish to do something with the sample add their own certificate.

Initially I will zip up my sample solution and include the MyApp_TemporaryKey.pfx. Is it OK to include this .pfx temp cert file in my zip?

Thank you

Answer 3

Hi --

Could anyone please confirm (or say the correct way if wrong) my idea above.... I want to be sure I am zipping up the SLN properly (that is make a test cert and including the MyApp_TemporaryKey.pfx so I can put out a sample as a zipped solution for others to download and build in their VS 2012 RC with a test or temp certificate.

Thank you!

Answer 4

Hi,

I think the certificate file is used for public your application. If you just want to public the sample codes, you need not include it.

You can download the sample code form http://code.msdn.microsoft.com/windowsapps/
There is no certificate file in the sample.

Best regards,
Jesse

---

Jesse Jiang [MSFT]
MSDN Community Support | Feedback to us

Answer 5

Hi --

If I delete the temp cert (in my case mFlight_TemporaryKey.pfx) it does load and build and run but you get a warning during the build:

1>C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v11.0\AppxPackage\Microsoft.AppXPackage.Targets(782,9): warning APPX0104: Certificate file 'mFlight_TemporaryKey.pfx' not found.
1>C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v11.0\AppxPackage\Microsoft.AppXPackage.Targets(782,9): warning APPX0107: The certificate specified is not valid for signing. For more information about valid certificates, see http://go.microsoft.com/fwlink/?LinkID=241478.

So I guess that is OK -- I can just tell people that they can add their own cert to it if they want.

Thank you!